I think a lookupAll would be the best solution. Security would be achieved by simply not returning components to the client unless the client is allowed to see those components.
The problem with the reasoning that went into the security reason is this: 1. A component must not be allowed to obtain references to components it is not allowed to access. 2. A component can obtain a reference to any component whose role it knows. 3. Therefore, it should not be allowed to know all roles in the system. The problems are between 2 and 3: 1. The role is predictable and thus not a secret key and we can't treat it as such. 2. We can do one better - since we can intercept any call to lookup, we can implement any security checks there. If we don't want component A to lookup component B, then we can just not ever return B to A. Irrespective of lookup or a future lookupAll or a future listAllRolesInManager. So the security reason is ignorable. I'd do this: Keep Component/ServiceManager as-is. Create a ComponentLocator / ServiceLocator class, and mark it as optional. Then create a lifecycle stage for it. /LS --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
