"anil.saldhana(a)jboss.com" wrote :
| c) SecurityContextClassName - The Container creates a security context in the thread
of execution. This FQN tells which SecurityContext implementation needs to be created.
| The container after creating the SC, injects the SecurityManagement instance into the
SC, such that whenever any code asks the SC for a SecurityManager, it can delegate it to
the SecurityManagement instance.
|
|
| war-deployer-beans.xml
| |
| | <!-- The WebMetaData to service mbean deployer -->
| | <bean name="WarDeployer"
class="org.jboss.web.tomcat.service.deployers.Tomcat
| | Deployer">
| | ...
| | <!-- Specify a SecurityManagement Wrapper -->
| | <property name="securityManagement">
| | <inject bean="JNDIBasedSecurityManagement"/>
| | </property>
| |
| | <!-- Specify a SecurityContext FQN class name -->
| | <property
name="securityContextClassName">org.jboss.security.plugins.JBos
| | sSecurityContext</property>
| |
|
| Similar case exists for the EJB deployer.
Ultimately this should be outside of the deployer in the security interceptor
configuration. Configs like the ejb3-interceptors-aop.xml should be injecting the Security
related beans that are defined in the security-deployer-beans.xml or similar. I don't
see these properties in the current TomcatDeployer. Is this checked in?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4085142#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...