geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rex Wang <>
Subject Re: Geronimo Security Dependencies in 2.2
Date Thu, 03 Sep 2009 02:22:04 GMT
2009/9/3 David Jencks <>

> On Sep 2, 2009, at 6:40 AM, Ivan wrote:
>  Hi,
>>    In Geronimo 2.2, we have a tight reference of ConfigurationFactory in
>> the webappcontext, so it seems that we always need to add the dependencies
>> of the security realm it uses in the deployment plan, even if the global
>> attribute of the security realm is set with true, right ?  So when will we
>> need to set the global with false ?
> Set global to true if you are using the realm in openejb, otherwise I
> advise setting it to false.

Is that mandatory to set global=false and add dependencies when using a
realm in web app? I remember you said "global – visible to all applications
no matter what their dependencies. However, without a dependency there is no
guarantee that the relam will be there if the application that uses it is."

Does that mean if developing a web app, we'd better to add a dependency, no
matter if global is set true?


>  The point of non-global realms is to allow duplicate realm names, since
> the realm is scoped to the ancestors of the plugin that is using the realm.
>  Since openejb does all the security from the openejb plugin rather than
> from individual ejb app plugins, a realm used by openejb has to be global or
> be an ancestor of the openejb plugin.  Since web apps do security per-app,
> non-global works fine for them.
> thanks
> david jencks
>    Thanks !
>> --
>> Ivan

View raw message