santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 44918] Allow to pass a custom config.xml resource path via Init.init() method
Date Tue, 23 Jun 2009 14:33:39 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=44918





--- Comment #6 from Marc Giger <gigerstyle@gmx.ch>  2009-06-23 07:33:38 PST ---
(In reply to comment #5)
> (In reply to comment #4)
> > Sean,
> > 
> > Yes, we always pass the custom config via
> > org.apache.xml.security.resource.config
> > property. The problem with this solution is the inability to specify different
> > configs for e.g. different webservices in the same Container/VM.
> 
> Ok, but I believe that requires changes to support multiple configurations in
> the same VM. Right now, there is only one configuration per VM.
> So this patch doesn't solve that problem.

I think it does;-) but perhaps I didn't express myself correctly:
What I meant is when I have multiple web-apps deployed (e.g webservices) and
every deployment has it's own copy of xmlsec.jar then the
org.apache.xml.security.Init class will be loaded multiple times, once per
webapp beause of the class loader hirarchy. No?

> 
> > On the other hand I see your point with the security concern. 
> > Perhaps we can add a custom Permission class to check against current active
> > SecurityManager/SecurityPolicy if we are allowed to set the config? Altough
> > I've never done this.
> > 
> > What do you think?
> 
> I think if you added a per-App/container configuration such that it wouldn't
> affect any other threads in the same VM then you may not need to protect it
> with a permission.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

Mime
View raw message