The new snapshot is available. It's still a work in progress, so there are still many regression failures. We're at the end of week 6 of the 8-week release schedule for 3.1.5.
There are a bunch of important updates in the snapshot, together with bug fixes: * management password configuration * authenticator configuration update * new abstract class for custom authenticators * ejb/webbeans integration * jca/mdb activation-spec cleanup * remoting cleanup with driver API and CXF integration The documetation for the security stuff will be at http://caucho.com/ resin/doc/resin-security.xtp. The remoting documentation will be at http://caucho.com/resin/doc/ resin-remoting.xtp The wiki integration page for CXF is at http://wiki.caucho.com/CXF 1) management update. The new management section in the resin.conf looks like: <resin> <management path="admin"> <user name="harry" password="MD5HASH=="/> <user ... <jmx-servicee/> </management> The password is a md5 digest, md5(user:password:resin). It's used for both the admin interface and as a default authenticator if you don't define a separate <authenticator> 2) ejb/webbeans integration The class enhancement for ejb and webbeans now uses the same code. This means any webbean can use any ejb annotation, like @RolesAllowed or @TransactionAttribute. It also means EJBs can use the webbeans interception annotations. The main purpose of the integration, though, is to use the same code so we get better test coverage. 3) authenticator configuration update We've added a new option for authentication configuration, using a uri-based system to choose authenticators as an extension to the old class-based on. The authenticators are registered in META-INF/ services with their own URI scheme, which can be used in an authenticator as follows: <authenticator uri="properties:password-digest=none"> <init> harry=quidditch,user </init> </authenticator> The old class="..." still works, of course. 4) AbstractPasswordAuthenticator. The security section has a new AbstractPasswordAuthenticator, which should make creating custom authenticators easier. The only method you'll need to implement is: protected PasswordUser getUser(String userName); 5) jca/mdb There's been a bunch of work on the jca/mdb integration (basically was missing before). The configuration looks like the following: <jms-message-bean class="qa.MyListener"> <authentication-spec uri="activemq:"> <init foo1="value1" foo2="value2"/> </authentication-spec> </jms-message-bean> (Assuming that the classname for the activemq ActivationSpec is registered in META-INF/services) (The connection side configuration of jca is also getting revamped, but it's not quite ready yet.) 6) remoting cleanup We've split the remoting protocols into a driver system. The server end of the protocol extends com.caucho.remote.server.AbstractProtocolServletFactory: public Servlet createServlet(Class serviceApi, Object service) The client end extends com.caucho.remote.client.AbstractProtocolProxyFactory: public Object createProxy(Class api); And you can add uri prefixes in META-INF/services to simplify the configuration. Currently, we have "hessian:", "burlap:", "cxf:", and "xfire:". The server configuration is actually a servlet (this is actually a servlet-spec feature): <servlet-mapping url-pattern="/hello"> <protocol uri="hessian:"/> </servlet-mapping> The remote configuration looks like: <remote-client interface="qa.Hello"> <uri>hessian:url=http://localhost:8086/hello/hessian</uri> </remote-client> -- Scott _______________________________________________ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest