geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rex Wang <rwo...@gmail.com>
Subject Re: Geronimo Security Dependencies in 2.2
Date Thu, 03 Sep 2009 02:22:04 GMT
2009/9/3 David Jencks <david_jencks@yahoo.com>

>
> On Sep 2, 2009, at 6:40 AM, Ivan wrote:
>
>  Hi,
>>    In Geronimo 2.2, we have a tight reference of ConfigurationFactory in
>> the webappcontext, so it seems that we always need to add the dependencies
>> of the security realm it uses in the deployment plan, even if the global
>> attribute of the security realm is set with true, right ?  So when will we
>> need to set the global with false ?
>>
>
> Set global to true if you are using the realm in openejb, otherwise I
> advise setting it to false.


Is that mandatory to set global=false and add dependencies when using a
realm in web app? I remember you said "global – visible to all applications
no matter what their dependencies. However, without a dependency there is no
guarantee that the relam will be there if the application that uses it is."

Does that mean if developing a web app, we'd better to add a dependency, no
matter if global is set true?

Thanks


>  The point of non-global realms is to allow duplicate realm names, since
> the realm is scoped to the ancestors of the plugin that is using the realm.
>  Since openejb does all the security from the openejb plugin rather than
> from individual ejb app plugins, a realm used by openejb has to be global or
> be an ancestor of the openejb plugin.  Since web apps do security per-app,
> non-global works fine for them.
>
> thanks
> david jencks
>
>    Thanks !
>>
>> --
>> Ivan
>>
>
>

Mime
View raw message