[jboss-jira] [JBoss JIRA] (AS7-6557) Security Manager integration

David Lloyd (JIRA) jira-events at lists.jboss.org
Thu Feb 21 13:23:56 EST 2013 

    [ https://issues.jboss.org/browse/AS7-6557?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12755600#comment-12755600 ] 

David Lloyd edited comment on AS7-6557 at 2/21/13 1:23 PM:
-----------------------------------------------------------

Just a few notes on that idea so when I wake up tomorrow it isn't all forgotten:

* (/) We'll need to implement {{java.security.Policy}} with a simple policy that includes the jboss-modules.jar code source
* We have options:
** -Just let all remaining permissions be installed via modules-
** Or, use the policy mechanism to merge in some global config
* Notes:
** -Look into keying off of something besides code source - maybe modules should maintain/cache protection domains in addition to/instead of permission sets?-
                
      was (Author: dmlloyd):
    Just a few notes on that idea so when I wake up tomorrow it isn't all forgotten:

* We'll need to implement {{java.security.Policy}} with a simple policy that includes the jboss-modules.jar code source
* We have options:
** Just let all remaining permissions be installed via modules
** Or, use the policy mechanism to merge in some global config
* Notes:
** Look into keying off of something besides code source - maybe modules should maintain/cache protection domains in addition to/instead of permission sets?
                  
> Security Manager integration
> ----------------------------
>
>                 Key: AS7-6557
>                 URL: https://issues.jboss.org/browse/AS7-6557
>             Project: Application Server 7
>          Issue Type: Sub-task
>          Components: Security
>            Reporter: David Lloyd
>            Assignee: Anil Saldhana
>             Fix For: 8.0.0.Alpha1
>
>
> As per the Java EE 7 spec, all Java EE products must be capable of running within a Java security manager.  Test each Java EE configuration including application client for security manager operability.  Implement configuration and management as appropriate.  See AS7-6572 for detailed task list.
> Discuss with [~dmlloyd] options around modules integration.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list