My understanding is that the security contraints in a deployment descriptor are the standard declarative model for java policy. I want to replace that policy with a completely different kind of policy.
It seems odd that I have to explicitly allow all access in the descriptor just so I can dissallow it later with my own policy. I do not have to do this in WebSphere (Not that WebSphere is the model for all app servers!) What is happening I would call an optimization that should be turned off when a different JACC implementation is registered. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3937032#3937032 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3937032 ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
