[jboss-dev-forums] [Design of Security on JBoss] - Re: Policy Implementation for VFS
david.lloyd@jboss.com
do-not-reply at jboss.com
Wed Oct 8 15:19:56 EDT 2008
It should be... the policy parser won't try to open the URL directly because the actual URL might not be valid (in terms of the classloader) - it might contain a wildcard character for instance. And the security manager won't try to open the class file at check time becase (a) the class is already loaded, (b) it would be a performance nightmare, and (c) it would cause intermittent application failures if it was e.g. an HTTP url.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4181106#4181106
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4181106
More information about the jboss-dev-forums
mailing list