On Thu, Jul 21, 2011 at 04:51, Pete Muir <pmuir(a)redhat.com> wrote:
On 20 Jul 2011, at 12:46, Marek Schmidt wrote:
> Hi all,
> looking at https://issues.jboss.org/browse/SEAMSECURITY-81
, I am not
> sure, what is the intended location of the security.drl file?
> The examples have it in WEB-INF/security.drl, but that doesn't work
> except on AS6.
> The SecurityRuleProducer injects the file using:
>> InputStream securityRules;
> So I am not sure which of these are true statements:
> 1. Seam Security examples are wrong, the file should be moved to servlet
> context root
> 2. Seam Security impl is wrong, it should @Inject it from
> 3. Seam Solder on AS7/Glassfish is wrong, it should pick up the file
> WEB-INF/security.drl using just the @Resource("security.drl") on these
> 4. Seam Solder on AS6 is wrong, it should not pick up the file
> WEB-INF/security.drl using just the @Resource("security.drl") on AS6.
(3) and (4) are out, @Resource just uses the underlying web container and
classloader to load resources.
Either (1) or (2) is correct.
I don't think we want #1. That puts the file in the public web directory.
1b: the file should be moved to the classpath (WEB-INF/classes) so it can be
injected with @Resource("security.drl")
2. Seam Security should inject from WEB-INF/security.drl
I think Seam Security should accommodate both 1b and 2. And thus, no change
to the example.
Principal Software Engineer, Red Hat | Author of Seam in Action
Registered Linux User #231597