[jboss-as7-dev] web security extensions
Remy Maucherat
rmaucher at redhat.com
Wed Jun 8 09:55:51 EDT 2011
On Wed, 2011-06-08 at 09:23 -0400, Bill Burke wrote:
> In this manner, multiple web apps could use the same security domain and
> you wouldn't have to change their config if you wanted to change the
> authentication method. The security domain has complete control over
> the authentication mechanism. You could take this even further fully
> delegate security constraint application to the security domain. THis
> would be very interesting as then an Identity Management service could
> have complete control over security metadata without having to modify
> the WAR.
I won't do this, since:
- Editing web.xml is editing the war
- It makes the war non portable, while jboss-web.xml does not affect
this; so any proprietary element should stay in jboss-web.xml.
BTW, jboss-web.xml is not part of the domain model.
--
Remy Maucherat <rmaucher at redhat.com>
Red Hat Inc
More information about the jboss-as7-dev
mailing list