> * besides the Javadoc in the org.jsecurity.web.servlet.JSecurityFilter, is
> there any additional documentation that describes how to configure
> JSecurity? if there is, a URL would be much appreciated.
Hi Raif,
For .ini based configuration, not at the moment.
At least for the purpose of this email, you can consider our text-based
approach a rudimentary mechanism for dependency injection. For example:
beanA = some.fully.qualified.ClassA
beanA.property1 = Hello World
myBean = some.fully.qualified.Class
myBean.propertyA = $beanA
* are there any plans, or would there be an interest, in providing a
> configuration API, based on a W3C Schema and xml-to-Java binding classes,
> generated from Apache XMLBeans for example?
There hasn't been any effort to move in that direction. The configuration
above (rudimentary .ini config) seems to be more desireable and agreeable to
the majority of users. A lot of us are kinda "XML'd out" :) But if there
is enough interest in the community for XML-based config, I'm sure we would
probably support it. Its just there hasn't been anyone asking for it...
Best,
Les
P.S. This is a little off topic but related to your first question. Please
ignore if you have no interest ;)
It has been a desire of mine for a long time to maybe found another open
source project, say, "OGDL" that specified an "Object Graph Definition
Language" as a companion to OGNL. It would be the most concise way to
configure any DI framework - Spring, Guice, whatever.
I wanted to have that as the text-based config used in the JSecurityFilter
and we could use a library that could parse the text and transform it into
an object graph. The JSecurity SecurityManager is essentially an object
graph with the SecurityManager implementation as the root node.
This would be much nicer and easier to read than XML. For example:
securityManager: some.fully.qualified.ClassName {
property1:$someRef
property2:$anotherRef
property3: "Hello World"
}
I could see Spring configs using this syntax instead of XML. Maybe a
OgdlApplicationContext. I should write that :)
