Hi all, looking at https://issues.jboss.org/browse/SEAMSECURITY-81, I am not sure, what is the intended location of the security.drl file? The examples have it in WEB-INF/security.drl, but that doesn't work except on AS6. The SecurityRuleProducer injects the file using: > @Inject > @org.jboss.seam.solder.resourceLoader.Resource("security.drl") > InputStream securityRules; So I am not sure which of these are true statements: 1. Seam Security examples are wrong, the file should be moved to servlet context root 2. Seam Security impl is wrong, it should @Inject it from "WEB-INF/security.drl" 3. Seam Solder on AS7/Glassfish is wrong, it should pick up the file WEB-INF/security.drl using just the @Resource("security.drl") on these platforms 4. Seam Solder on AS6 is wrong, it should not pick up the file WEB-INF/security.drl using just the @Resource("security.drl") on AS6.

On 20 Jul 2011, at 12:46, Marek Schmidt wrote: > Hi all, > > looking at https://issues.jboss.org/browse/SEAMSECURITY-81, I am not > sure, what is the intended location of the security.drl file? > > The examples have it in WEB-INF/security.drl, but that doesn't work > except on AS6. > > The SecurityRuleProducer injects the file using: > >> @Inject >> @org.jboss.seam.solder.resourceLoader.Resource("security.drl") >> InputStream securityRules; > > So I am not sure which of these are true statements: > > 1. Seam Security examples are wrong, the file should be moved to servlet > context root > 2. Seam Security impl is wrong, it should @Inject it from > "WEB-INF/security.drl" > 3. Seam Solder on AS7/Glassfish is wrong, it should pick up the file > WEB-INF/security.drl using just the @Resource("security.drl") on these > platforms > 4. Seam Solder on AS6 is wrong, it should not pick up the file > WEB-INF/security.drl using just the @Resource("security.drl") on AS6. (3) and (4) are out, @Resource just uses the underlying web container and classloader to load resources.

Either (1) or (2) is correct.