avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Farr, Aaron" <Aaron.F...@am.sony.com>
Subject RE: Merlin Security
Date Thu, 13 May 2004 18:48:08 GMT

> -----Original Message-----
> From: Nader Aeinehchi [mailto:nader@aeinehchi.com]
> You should rather use the following way which ensures only your policy
> file is in control
> -Djava.security.policy==$MERLIN_HOME/bin/security.policy

I knew about the JRE security definitions but I didn't know about the double
equals for overriding them.  Thanks.

> 2. Keep yourself to standard policy file as long as you can.
> Most of the time, the standard policy file from Sun provides the desired
> functionality and probably more.

Usually.  I've had trouble when embedding various containers into one
another.  For example, embedding OpenJMS into Merlin.  Or using sun's COMM
API which checks the security manager before looking for the
javax.comm.properties file.

> 5. If you decide to let Merlin be the top-most container, and thus the one
> that starts security manager, consider the following:


These are issues we will need to consider when finalizing the Merlin
security features.  As Alex mentioned, if you want to help, you're more than

J. Aaron Farr
  (724) 696-7653

To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org

View raw message