在 2009-05-05二的 11:21 -0400,Harmeet Bedi写道: > If goal is to change security without changing code or XML configuration.. > the configuration has to reside somewhere. db seemed like a spot.
I think it's convenient during developing to set the securities in XML configuration and override DB data when every restart. When deploying in production environment, the configuration can be changed to keep DB data unchanged when restart. This is what JBoss Portal does.
