Author: shane.bryzak(a)jboss.com
Date: 2009-04-15 18:26:06 -0400 (Wed, 15 Apr 2009)
New Revision: 10430
Modified:
trunk/doc/Seam_Reference_Guide/en-US/Security.xml
Log:
JBSEAM-3882
Modified: trunk/doc/Seam_Reference_Guide/en-US/Security.xml
===================================================================
--- trunk/doc/Seam_Reference_Guide/en-US/Security.xml 2009-04-15 22:03:58 UTC (rev 10429)
+++ trunk/doc/Seam_Reference_Guide/en-US/Security.xml 2009-04-15 22:26:06 UTC (rev 10430)
@@ -3225,6 +3225,18 @@
</tgroup>
</table>
+ <note>
+ <para>
+ As they are cached in the user's session, any custom
<literal>PermissionResolver</literal>
+ implementations must adhere to a couple of restrictions. Firstly, they may
not contain any
+ state that is finer-grained than session scope (and the scope of the
component itself should
+ either be application or session). Secondly, they must not use dependency
+ injection as they may be accessed from multiple threads simultaneously. In
fact, for
+ performance reasons it is recommended that they are annotated with
+ <literal>@BypassInterceptors</literal> to bypass Seam's
interceptor stack altogether.
+ </para>
+ </note>
+
</sect4>
</sect3>
Show replies by date