ServerRealmConfigurationEntry

[Jeremy Boynes <jb...@apache.org>]

As I understand the security setup, in the deployment plan we can set up 
the indirection between the application's realm name (from the standard 
DD) and a GenericSecurityRealm that defines the physical realm.

If this is true, why do we need ServerRealmConfigurationEntry's at all? 
Aren't they introducing a level of indirection that isn't needed?

Is the benefit here that you can define the principal mapping against a 
logical realm name and then map that in one place to the physical realm 
name? If so, could this be done with a simple plan element rather than 
making the user define a GBean?

--
Jeremy