https://issues.apache.org/bugzilla/show_bug.cgi?id=44918
--- Comment #4 from Marc Giger <gigerst...@gmx.ch> 2009-06-22 23:40:01 PST --- Sean, Yes, we always pass the custom config via org.apache.xml.security.resource.config property. The problem with this solution is the inability to specify different configs for e.g. different webservices in the same Container/VM. On the other hand I see your point with the security concern. Perhaps we can add a custom Permission class to check against current active SecurityManager/SecurityPolicy if we are allowed to set the config? Altough I've never done this. What do you think? Marc -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
