[jboss-dev-forums] [PicketBox Development] - Re: Security Configuration in Domain Model - AS7
Marcus Moyses
do-not-reply at jboss.com
Tue Dec 21 12:21:16 EST 2010
Marcus Moyses [http://community.jboss.org/people/mmoyses] created the discussion
"Re: Security Configuration in Domain Model - AS7"
To view the discussion, visit: http://community.jboss.org/message/577054#577054
--------------------------------------------------------------
Actually I think a better model would be:
<security>
<security-management security-management-class-name="org.jboss.as.security.plugins.JNDIBasedSecurityManagement">
<authentication authentication-manager-class-name="org.jboss.security.plugins.auth.JaasSecurityManagerBase" deep-copy-subject-mode="false" default-callback-handler-class-name="org.jboss.security.auth.callback.JBossCallbackHandler"/>
<authorization authorization-manager-class-name="org.jboss.security.plugins.JBossAuthorizationManager"/>
</security-management>
<subject-factory subject-factory-class-name="org.jboss.as.security.plugins.JBossSecuritySubjectFactory"/>
</security>
This way we can start a separate service for the ISecurityManagement interface and make other services depend on it, like the subject factory for instance.
I will also work on a sub element of security for the authentication cache.
I need some ideas on where to model the configuration for the security domains. Maybe we should just get rid of login-config.xml and map the security domains directly in the domain model. What do you think? We could start the container with only the "other" configuration and let each application deploy it's own security domain configuration.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/577054#577054]
Start a new discussion in PicketBox Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2088]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20101221/119638b5/attachment.html
More information about the jboss-dev-forums
mailing list