Hi again, I would like to point another issue related to security management. As far as I can see, the LocalInitialContext invokes the SecurityService login during the context creation. But I can not see the SecurityService logout call during the logout (invoked from close method) invocation of the LocalInitialContext.
Is it a deliberated choice ? It seems a little stange. Moreover, I have a question related to the ClientSecurity usage inside the container. On the deprecated version InitContextFactory, the security identity was bound to the current thread (calling associate method from the security service). But in the current implementation, the security identity is bound to the ClientSecurity object which is static ! >From my point of view, it implies we can not use more than one identity per JVM even if we instantiate two InitialContext (provided 2 different credentials). Is it right ? Thanks in advance for your feedback. Kind regards, JLouis -- View this message in context: http://www.nabble.com/LocalInitialContext-and-SecurityService-collaboration-tp22179911p22179911.html Sent from the OpenEJB Dev mailing list archive at Nabble.com.
