On Thu, Jul 21, 2011 at 04:51, Pete Muir <pmuir(a)redhat.com> wrote:
On 20 Jul 2011, at 12:46, Marek Schmidt wrote:
> Hi all,
>
> looking at
https://issues.jboss.org/browse/SEAMSECURITY-81, I am not
> sure, what is the intended location of the security.drl file?
>
> The examples have it in WEB-INF/security.drl, but that doesn't work
> except on AS6.
>
> The SecurityRuleProducer injects the file using:
>
>> @Inject
>> @org.jboss.seam.solder.resourceLoader.Resource("security.drl")
>> InputStream securityRules;
>
> So I am not sure which of these are true statements:
>
> 1. Seam Security examples are wrong, the file should be moved to servlet
> context root
> 2. Seam Security impl is wrong, it should @Inject it from
> "WEB-INF/security.drl"
> 3. Seam Solder on AS7/Glassfish is wrong, it should pick up the file
> WEB-INF/security.drl using just the @Resource("security.drl") on these
> platforms
> 4. Seam Solder on AS6 is wrong, it should not pick up the file
> WEB-INF/security.drl using just the @Resource("security.drl") on AS6.
(3) and (4) are out, @Resource just uses the underlying web container and
classloader to load resources.
Either (1) or (2) is correct.
I don't think we want #1. That puts the file in the public web directory.
How about:
1b: the file should be moved to the classpath (WEB-INF/classes) so it can be
injected with @Resource("security.drl")
2. Seam Security should inject from WEB-INF/security.drl
I think Seam Security should accommodate both 1b and 2. And thus, no change
to the example.
-Dan
--
Dan Allen
Principal Software Engineer, Red Hat | Author of Seam in Action
Registered Linux User #231597
http://www.google.com/profiles/dan.j.allen#about
http://mojavelinux.com
http://mojavelinux.com/seaminaction