[jboss-dev-forums] [Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149
adrian@jboss.org
do-not-reply at jboss.com
Mon Nov 10 13:18:47 EST 2008
"anil.saldhana at jboss.com" wrote : Additionally we can retain security.xml enabled. We should make it do the replacement work only if JBoss was started with a SM.
|
| I mean your original proposal of injecting the security manager in the security.xml needs to be removed and the replacement of protectiondomain becomes its objective.
I'm sorry you've lost me again.
conf/security.xml is an alternate to having to use the system properties.
I created it because it is easier to configure than having to remember
to specify system properties on the command line and avoids the vfs url
parsing problem.
Going forward conf/security.xml is what we want since it enables configuration
(including our own security policy) from the profile service and therefore
the management console.
I've got no idea what you mean about replacing the protection domain?
The protection domain is loaded from the security policy using the codesource url.
The discussion above is about which codesource to use
and automatically augmenting the returned permission collection
with read access for the VFS, file, etc. from where we loaded the class
(which can be different to the logical codesource - e.g. a copy of a nested jar into temp).
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188236#4188236
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188236
More information about the jboss-dev-forums
mailing list