The problem can be observed using the policy-security-jsr250 itest, by setting breakpoints before and after the calls to resolvePolicySets() in BaseAssemblyProcessor.resolveImplementation().
On Mon, Jul 7, 2008 at 11:44 AM, Luciano Resende <[EMAIL PROTECTED]> wrote: > Let me look at this issue Greg. Please, I'd appreciate if you could > provide a JIRA if you have a failing test case. > > On Mon, Jul 7, 2008 at 7:49 AM, Greg Dritschler > <[EMAIL PROTECTED]> wrote: > > Luciano, > > > > Is the support for the security annotations complete? I gave them a try > but > > ran into a problem. I see that the policy-security module contains > > 'skeleton' policy set definitions for the policy sets that are needed to > > support the annotations: > > > > <policySet name="runAs" appliesTo="sca:implementation.java"/> > > <policySet name="allow" appliesTo="sca:implementation.java"/> > > <policySet name="rolesAllowed" appliesTo="sca:implementation.java"/> > > <policySet name="permitAll" appliesTo="sca:implementation.java"/> > > <policySet name="denyAll" appliesTo="sca:implementation.java"/> > > > > JSR250PolicyProcessor constructs the actual policy based on the role > names > > in the annotation. It turns off the unresolved flag in the policy model, > I > > assume in an attempt to bypass resolving the model. However this does > not > > appear to work. During resolve processing, the policy set references are > > resolved to the 'skeleton' policy set definitions, causing the policy > > content added by the JSR250PolicyProcessor to be lost. > > > > Greg > > > > On Wed, May 28, 2008 at 11:15 PM, Luciano Resende <[EMAIL PROTECTED]> > > wrote: > >> > >> Support for "Authorization and Security Identity Policy" (rev #661186) > >> is now working, and I have created an iTest (rev #661188) that > >> exercise this functionality. > >> > >> I'm also looking into adding support for JSR250 security annotations, > >> basically allowing to define these policies direct into your java > >> artifacts. > >> > >> On Wed, May 28, 2008 at 12:21 AM, Luciano Resende <[EMAIL PROTECTED] > > > >> wrote: > >> > I have started looking at support for "Authorization and Security > >> > Identity Policy" and supporting JSR250. Looks like we have the > >> > necessary models and some policy definitions.xml available in the > >> > policy-security module to support this, but looks like these > >> > processors are not hooked up to the overall runtime. Does anybody have > >> > more details on this ? > >> > > >> > -- > >> > Luciano Resende > >> > Apache Tuscany Committer > >> > http://people.apache.org/~lresende<http://people.apache.org/%7Elresende> > >> > http://lresende.blogspot.com/ > >> > > >> > >> > >> > >> -- > >> Luciano Resende > >> Apache Tuscany Committer > >> http://people.apache.org/~lresende<http://people.apache.org/%7Elresende> > >> http://lresende.blogspot.com/ > > > > > > > > -- > Luciano Resende > Apache Tuscany Committer > http://people.apache.org/~lresende <http://people.apache.org/%7Elresende> > http://lresende.blogspot.com/ >
