On Aug 7, 2008, at 5:42 PM, David Blevins wrote:
We can certainly hack up something in this regard.
Quick question, what kind of security tracking would be good for
you? I.e. are we talking concurrent users or one user at a time?
We've got some code in the openejb-client package that's pretty
useful for switching to different modes of tracking the user and I
was just thinking just the other day that it wouldn't be a bad idea
to port it to the "server side" as well for embedded scenarios.
Ok... Hacked on this quite a bit and got something working that
should suit your needs. It essentially changes the per-thread login
module to default to a new per-vm login model. This only affects
logging into an embedded container, clients accessing a container
remotely (RemoteInitialContextFactory) have these models and more as
in the past.
I investigated a per-InitialContext security-tracking method for
clients of an embeddable container. This is possible to do, but a
little tricky as there is no clear way to sandbox a set of proxies to
an InitialContext. VM-scoped and thread-scoped are far easier.
I've also removed the limitation that you cannot login twice via an
InitialContext on the same thread. As well I've added the ability for
the InitialContext.close() method to log you out if that
InitialContext instance performed a login when it was created.
New 3.1-SNAPSHOTs are available in http://people.apache.org/repo/m2-snapshot-repository/
as well as built a new server image at:
http://people.apache.org/repo/m2-snapshot-repository/org/apache/openejb/openejb-standalone/3.1-SNAPSHOT/openejb-standalone-3.1-20080821.003247-2.zip
In addition, I also hacked up a new example showing the improved
LocalInitialContext login/logout functionality:
http://svn.apache.org/repos/asf/openejb/trunk/openejb3/examples/testing-security-2/
Let us know how things look on your end and we can make any tweaks you
need.
-David
