RE: Security Roles in EAR

["Alan D. Cabrera" <ad...@toolazydogs.com>]

> -----Original Message-----
> From: Aaron Mulder [mailto:ammulder@alumni.princeton.edu]
> Sent: Monday, November 01, 2004 7:04 PM
> To: dev@geronimo.apache.org
> Subject: Security Roles in EAR
> 
> 	So you can list security roles in an EAR's
> META-INF/application.xml, but it's never been clear to me exactly what
> that buys you.  I think you still have to list the same security roles
> again in each module in order for role-links to work as expected.
> 
> 	Would it be appropriate for us to let you map the EAR security
> roles to principals in META-INF/geronimo-application.xml, and then
apply
> those settings as defaults if the same security roles show up in
> individual modules?  That would let you do you mapping in one place,
if
> for example, you were going to have a WAR and an EJB JAR that use the
same
> set of security roles.

JACC should do this for us, as soon as I put the code in.

Regards,
Alan

RE: Security Roles in EAR

[Aaron Mulder <am...@alumni.princeton.edu>]

On Mon, 1 Nov 2004, Alan D. Cabrera wrote:
> JACC should do this for us, as soon as I put the code in.

	I guess what I'm saying is, "should we add a security element
referencing geronimo-security.xsd to geronimo-application.xsd" so that
becomes 1 place to (optionally) do all role mapping for the application.  
Is that the code you're going to add, or are you going to add a different
"1 place to do role mapping"?

Thanks,
	Aaron