geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-497) Improve DeploymentSupport setting on a realm
Date Sun, 10 Jul 2005 05:23:09 GMT
    [ http://issues.apache.org/jira/browse/GERONIMO-497?page=comments#action_12315432 ] 

David Jencks commented on GERONIMO-497:
---------------------------------------

My understanding of current thinking on this is that adc and I at least strongly oppose any
automatic configuration of security at runtime, and think that if there is a deploy time autoconfig
system all its results must be presented somehow for explicit approval.  In any case, I believe
most or all "DeploymentSupport" functionality has been removed.

> Improve DeploymentSupport setting on a realm
> --------------------------------------------
>
>          Key: GERONIMO-497
>          URL: http://issues.apache.org/jira/browse/GERONIMO-497
>      Project: Geronimo
>         Type: Bug
>   Components: security
>     Versions: 1.0-M4
>     Reporter: Aaron Mulder

>
> The GenericSecurityRealm currently provides DeploymentSupport features if the login modules
implement DeploymentSupport.  It would be nice to support an external DeploymentSupport, set
as a property on the GenericSecurityRealm.  Currently that ability is there (on DS per login
domain for the realm), but it just expects to get a class name, and this doesn't really work
as the DeploymentSupport instance has no way of being configured (e.g. to point to a specific
DB, LDAP server, etc.).  Probably, a DeploymentSupport defined separately from the realm should
be instantiated and configured as a GBean, and the realm given the ObjectName instead of the
class name.  However, I'm not 100% convinced that "GBean creep" is the way to go here.  We
could also add the same initialize method declared in LoginModule to DeploymentSupport, and
then provide a way to send Options to the DeploymentSupport on the realm, but that seems pretty
complex too.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message