On Nov 30, 2005, at 1:31 AM, David Jencks wrote:
On Nov 29, 2005, at 7:52 PM, Jeff Genender wrote:
I think it should go in the j2ee-server plan. IMHO the security
should be available for all web apps, whether its used or not. I
think it will be a PITA if every web app requires that import.
I strenuously object to foisting security onto every configuration
whether or not it is wanted. A more appropriate solution is to
make the security builder into a real gbean and let it add to the
parentId if it is called. Please don't push us back into the
miasma of a single plan.
How about we add this to the server plan for 1.0, and when the
security builder is cleaned up, we remove it?
-dain
