geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From suryadu <>
Subject Re: [jira] Created: (GERONIMO-3101) Role Based J2EE security model for DayTrader Benchmark
Date Mon, 16 Apr 2007 19:31:08 GMT

           There are two ways we can implement security to DayTrader. Either
programmatic security which needs changes to DayTrader code and the other
way is Declarative security where security is defined through changes to DD
files. The 
model that I am using currently is the later. The Security will be engaged
only when the Global security is enabled from the application server. Till
that time, there won't be any changes that a developer can see while running
the benchmark application. My initial tests also did not show any kind of
performance impact between the secured and non-secured prototype versions.


Christopher Blythe wrote:
> Surya... I really like the idea of adding security to DayTrader to assess
> the performance impact of J2EE and Java 2 security. What changes would be
> necessary to add this in? Would it involve changes to the code in any way,
> or would it simply involve changes to properties and/or DD files? Also,
> how
> easy would it be to switch in between the secured and un-secured versions?
> As a side note, I think this JIRA should be opened against DAYTRADER, not
> Chris
> On 4/16/07, Surya V Duggirala (JIRA) <> wrote:
>> Role Based J2EE security model for DayTrader Benchmark
>> ------------------------------------------------------
>>                  Key: GERONIMO-3101
>>                  URL:
>>              Project: Geronimo
>>           Issue Type: New Feature
>>       Security Level: public (Regular issues)
>>             Reporter: Surya V Duggirala
>> To characterize and assess the performance of Security runtime for J2EE
>> role based security and Java 2 Security, we need a secured version of
>> DayTrader. This can be useful for Web Authenticatin and Authorization and
>> EJB Authentication and Authorization etc.,
>> Currently I am working on assessing the security performance using
>> DayTrader and wondering whether anyone has done similar studies with
>> DayTrader.
>> --
>> This message is automatically generated by JIRA.
>> -
>> You can reply to this email to add a comment to the issue online.
> -- 
> "I say never be complete, I say stop being perfect, I say let... lets
> evolve, let the chips fall where they may." - Tyler Durden

View this message in context:
Sent from the Apache Geronimo - Dev mailing list archive at

View raw message