On Sunday, January 4, 2004, at 01:22 PM, Jacek Laskowski wrote:
Alan D. Cabrera wrote:Did this get resolved?
Hey Alan,
I wish you've been here when I was working hard on sorting out the issues with deploying beans and the security module. The fear that the problems were related to not-yet-written code instead of misconfiguration was always with me. Happily, it quickly boiled down to only apply valid configuration to Geronimo and having done so made Geronimo shone so beautifully. :-)
It's now done. David J. applied appropriate changes to Geronimo, but not all of them - more about it later. Thanks Dave for supporting me during the stormy days when everybody was drinking beer while laying on the beach of Florida and unpacking his presents ;-)
Anyway, it's not been checked in the change to the main maven.xml, i.e. setting javax.security.jacc.PolicyConfigurationFactory.provider to org.apache.geronimo.security.GeronimoPolicyConfigurationFactory.
I thought probably this should be set in code rather than before geronimo starts, but I wasn't sure where. It looks like Alan agrees with me, from his other message.
I don't see why it was not added. Unless I'm mistaken the property must be set in order to deploy EJBs (and perhaps war and other modules with security settings). I guess, David probably overlooked it by mistake.
If you think the following change should not be added to maven.xml, please tell me why. The change should be applied to run:main as well as debug:main goals.
<sysproperty key="javax.security.jacc.PolicyConfigurationFactory.provider" value="org.apache.geronimo.security.GeronimoPolicyConfigurationFactory" />
Also, it's not yet clear if empty <security/> element is required or not. IMHO it is not, but as we finally write a deployer tool to automatically create geronimo-ejb-jar.xml it becomes a question with very low importance. @see modules/core/src/java/org/apache/geronimo/security/ EJBModuleConfiguration.java.
I should remove the comments saying it's not clean, since alan explicitly made it optional in the schema.
Also, it's been necessary to have parameterless constructors of the *ModuleConfiguration as otherwise they weren't called at all (with some bizarre error messages). I see the change was not applied so that EJBModuleConfiguration doesn't contain something as follows:
public EJBModuleConfiguration() { super(null); }
I think WebModuleConfiguration needs the same thing.
This doesn't make sense to me yet. Why is this needed? Did I miss a failing test? The EJBModuleDeploymentPlanner sets up the task to use the non-default constructor, which is the only one that makes sense to me.
Also, don't see the check whether or not excludeList variable is null. According to modules/core/src/schema/geronimo-ejb-jar.xsd cardinality of <exclude-list> element is 0 and more. @see modules/core/src/java/org/apache/geronimo/security/util/ ConfigurationUtil.java.
I haven't looked at this yet.
Alan
Thanks you're again with us ;-)
I agree:-)
david jencks
Jacek
