geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-422) SimpleSecurityRealm.options and ConfigurationEntryRealmLocal.options seem redundant
Date Tue, 02 Nov 2004 18:07:32 GMT
     [ http://nagoya.apache.org/jira/browse/GERONIMO-422?page=comments#action_54949 ]
     
Aaron Mulder commented on GERONIMO-422:
---------------------------------------

Let me add to this...

The SecurityRealm returns an AppConfigurationEntry for the LoginModule, and that has a LoginModuleControlFlag
(REQUIRED, SUFFICIENT, etc.)

When you deploy a ConfigurationEntry GBean, you ALSO specify a LoginModuleControlFlag.  More
redundancy.  Which LoginModuleCotnrolFlag is actually used, and why do we let you specify
two that might be different?  I guess you don't really specify the one in the code for the
security realm unless you write your own realm, but still, why even have two places to set
the same thing?


> SimpleSecurityRealm.options and ConfigurationEntryRealmLocal.options seem redundant
> -----------------------------------------------------------------------------------
>
>          Key: GERONIMO-422
>          URL: http://nagoya.apache.org/jira/browse/GERONIMO-422
>      Project: Apache Geronimo
>         Type: Bug
>   Components: security
>     Versions: 1.0-M2
>     Reporter: Aaron Mulder

>
> If you use a custom LoginModule with a SimpleSecurityRealm, there are two ways to provide
options to the LoginModule.  One is to set the options property on SimpleSecurityRealm.  The
other is to set the options property on the ConfiguraitonEntryRealmLocal when you deploy a
JAAS configuration for the realm.
> It doesn't seem like we need both ways to specify options to the login module.  I think
we could remove the options property from SimpleSecurityRealm, and just use the options on
the ConfigurationEntryRealmLocal.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://nagoya.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


Mime
View raw message