Wolfgang, Sounds great. IMO, the endpointInterface is actually more important than the security annotations.
Generally, I think we should not use config-files in this context if we can avoid them. The endpointInterface property points to a fully qualified class name. The spec doesn't say whether the file the class name refers to is a source or class file. I think the 181-processor could assume that the endpointInterface is a compiled class file, which then could be found on the classpath. This implies that the information needed to generate 181-compliant default parameter names for @WebMethods gets lost before it can be used. We have the same problem with the WsmReflectionAnnotationProcessor reading annotated class files; and I think that's fine, though (for now anyway). Also, keep in mind that all methods defined in a service endpoint interface are automatically considered @WebMethods -- whether they are annotated or not. In the service endpoint interface, annotations are only required if default values need to be overridden. If we wanted to support source files for endpoint interfaces as well, we could add a discovery algorithm that searches certain directories (e.g. ...webapps/AnnotatedAxis/WEB-INF/src or similar) for the source file. We could add something along those lines later. Other suggestions? Opinions? Hope this helps, -michael -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, October 07, 2004 8:03 AM To: Beehive Developers Subject: Re: @SecurityIdentity, @SecurityRoles Hi Michael, > One of the next steps on the path to full JSR-181 compliance would be to > figure out how to map @SecurityIdentity and @SecurityRoles onto > Tomcat/Axis' security model and then to implement the mapping (with test > cases :) Would you be interested in looking into this? Sure, I take it. I'm gonna investigate it first. In the mean while, I want to complete implementation of the endpoint interface support for WsmReflectionAnnotationProcessor.java. To make it, I need opinions/suggestions from others. If an object model returned from WsmReflectionAnnotationProcessor contains @WebService(endpointInterface = "WebServiceInterface.java"), how should the processor find the source file ? (If the source file is given as a full path, it's okay. but this case is just the name of a source file.) In case of using WsmAnnotationProcessor to load an object model from a source file, it's usually used with the APT command so that the user can give a -AsrcPath option to APT command to pass the base directory in which source files reside to WsmAnnotationProcessor. Thus, WsmAnnotationProcessor can find the source file. But WsmReflectionAnnotationProcessor is mostly used by other APIs at runtime, so the APIs must give the base directory to WsmReflectionAnnotationProcessor to find the source file. Or WsmReflectionAnnotationProcessor must somehow know the base directory. (This is same thing for using WsmAnnotationProcessor without APT but it's used by the other APIs at runtime.) What kinda implementation of passing the base directory to the processors is good ?? Have a global configuration file like beehive_wsm.xml and the WsmReflectionAnnotationProcessor reads the base directory from it ? Looking forward to hearing opinions/suggenstions. Thanks in advance. wolfgang
