I just remove all the invokers except for the JVM invoker. I don't see the type of
security you mention to be generically useful enough to incorporate it as it would
complicate security pretty dramatically. Besides you'd have to store the
user/password for the mail listener locally anyway and if anyone has the abillity to
deploy an app then they presumably have the abillity to get at that password. I'm not
100% against it if you can demonstrate it in a non-invasive generically useful way...but
this seems like a special requirement and I don't see a great deal of
non-perception-only security added by it... Maybe I'm wrong...but I don't see
it.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3961659#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...