[jboss-dev-forums] [Design of Security on JBoss] - HsqlDbRealm as default security domain?
bstansberry@jboss.com
do-not-reply at jboss.com
Tue Dec 19 00:59:45 EST 2006
I deployed a simple test ear on Branch_4_2 and found that it got associated with HsqlDbRealm. That seems odd.
The ear is very straightforward. A webapp with a couple servlets and an ejb jar with one SLSB. Nothing is specified as being secured; there aren't even any jboss-specific deployment descriptors in the ear.
I'm using this ear to try to track down a classloader leak on undeploy. Found a reference chain leading back to the TimedCachePolicy in JaasSecurityManager. Not sure if that's a problem -- should the cache be flushed on undeploy, or is it expected the ref will eventually clear when the entry times out?
Pending finding an answer to the above, I decided to just have my test flush the "other" cache so I could see if there were other leakage paths. But it didn't work -- for some reason the entry was stored in the "HsqlDbRealm" cache. I have no idea why.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3994890#3994890
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3994890
More information about the jboss-dev-forums
mailing list