> What do you mean exactly by modifying a realm? I would guess that you > mean changing state/attributes on an existing Realm instance. Is this > correct? Or are you talking about adding or removing realm instances > on the SecurityManager at runtime?
I mean changing the code in the realm, for example by adding a print statement, or modifying the behaviour of isPermitted(). > The application SecurityManager instance shouldn't need to be swapped > at runtime. Any changes to its configuration should be dynamically > applied, IMO. But this might be a different discussion - I don't see > how modifying an existing realm instance's state would have any effect > on the security manager. Because the realm's class changes, Spring has to update everything that ultimately references it. In other words, all beans that directly or indirectly depend on the realm have to be reloaded, security manager included. Hope that clears things up, Peter
