Set global to true if you are using the realm in openejb, otherwise I advise setting it to false. The point of non-global realms is to allow duplicate realm names, since the realm is scoped to the ancestors of the plugin that is using the realm. Since openejb does all the security from the openejb plugin rather than from individual ejb app plugins, a realm used by openejb has to be global or be an ancestor of the openejb plugin. Since web apps do security per-app, non-global works fine for them.
On Sep 2, 2009, at 6:40 AM, Ivan wrote:
In Geronimo 2.2, we have a tight reference of ConfigurationFactory in the webappcontext, so it seems that we always need to add the dependencies of the security realm it uses in the deployment plan, even if the global attribute of the security realm is set with true, right ? So when will we need to set the global with false ?