geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder (JIRA)" <>
Subject [jira] Commented: (GERONIMO-2271) Security Realm deployed as part of a web app listed as "Serverwide"
Date Sun, 06 Aug 2006 13:49:19 GMT
    [ ] 
Aaron Mulder commented on GERONIMO-2271:

The intent was to offer edit, start, stop etc. actions for each of the listed resources on
the screen (realm, pool, whatever).  However, those options would likely only be offered for
server-wide resources, under the theory that if you edit an application-scoped resources and
redeploy, you may get unexpected results, and you shouldn't be able to stop an application-scoped
resource without stopping the whole application, and so on.

So the point of those labels is so it will make sense why you see different options for each
one.  It sounds like maybe the logic for deciding on the labels is broken, and it should certainly
be fixed.

And it's true, application-scoped resources are a convenience not a security feature.  There
is nothing that prevents any application from interfering with any other application.  However,
there is no "supposedly" about it -- if you stop the application, the resources deployed as
part of that application are stopped too.  See, for example, the discussion of scopes at

> Security Realm deployed as part of a web app listed as "Serverwide"
> -------------------------------------------------------------------
>                 Key: GERONIMO-2271
>                 URL:
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: console
>    Affects Versions: 1.2, 1.1, 1.1.1, 1.1.x
>         Environment: Win XP, G1.1.1-SNAPSHOT Tomcat
>            Reporter: Vamsavardhana Reddy
>             Fix For: 1.2, 1.1.x, 1.1.2
> I  have deployed a web application with its own security realm.  The new security realm
is shown as "Serverwide" in Security Realms portlet. 

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:


View raw message