[jboss-dev-forums] [Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149
anil.saldhana@jboss.com
do-not-reply at jboss.com
Mon Nov 10 13:24:49 EST 2008
"adrian at jboss.org" wrote : "anil.saldhana at jboss.com" wrote : Additionally we can retain security.xml enabled. We should make it do the replacement work only if JBoss was started with a SM.
| |
| | I mean your original proposal of injecting the security manager in the security.xml needs to be removed and the replacement of protectiondomain becomes its objective.
|
| I'm sorry you've lost me again.
| conf/security.xml is an alternate to having to use the system properties.
|
| I created it because it is easier to configure than having to remember
| to specify system properties on the command line and avoids the vfs url
| parsing problem.
|
| Going forward conf/security.xml is what we want since it enables configuration
| (including our own security policy) from the profile service and therefore
| the management console.
|
| I've got no idea what you mean about replacing the protection domain?
| The protection domain is loaded from the security policy using the codesource url.
|
| The discussion above is about which codesource to use
| and automatically augmenting the returned permission collection
| with read access for the VFS, file, etc. from where we loaded the class
| (which can be different to the logical codesource - e.g. a copy of a nested jar into temp).
Sorry for having misunderstood. It made sense now.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188239#4188239
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188239
More information about the jboss-dev-forums
mailing list