Shreedhar, I'm assuming GF is borrows a lot on the sunone app server. I think we may be one of a few groups (on this mailing list at least) that have deployed production Tapestry applications on the Sunone App Server 7.0.
After spending many hours on different policy file configurations, we decided to disable the security manager completely (never to be turned on again). Like Howard mentioned, Tapestry and a rigid security policy don't mix. Aside from our classloader problems, we've been very happy. The apps handle a ton of traffic and are rock solid. The web based admin tools for the app server are excellent. I'm curious if they're they comparable in GF? For us, upgrading to server that uses the 1.5 JDK (or whatever they call it these days) is also attractive. As of now, we haven't been able to take advantage of the new annotation features. Also, I like the fact that there's a OSX build, which is something Sun hasn't offered with their commerical products. My entire team develops on OSX (using tomcat). Believe it or not, developing tomcat and deploying to Sunone has been fairly snag-free. Tho, it would be nice to remove that wrinkle from the equation. Thanks, Eric On 3/15/06, Shreedhar Ganapathy <[EMAIL PROTECTED]> wrote: > Hello Howard > Thank you for responding. > Without de-emphasizing the need to figure out security policy setting > for apps, here's some news that might help for deploying, running and > evaluating Tapestry apps with GlassFish. > > After much feedback from the community, bearing ease-of-use in mind for > developers, the default setting in GlassFish(GF) build 40 > <https://glassfish.dev.java.net/public/downloadsindex.html> onwards has > the security manager set to false (disabled). > > This should allow many applications to be deployed and run easily > allowing the developer to focus on app development, identifying any > issues with GF, and later get to setting security policies for the app > while enabling the security manager. > > regards > Shreedhar > > > Howard Lewis Ship wrote: > > >From some discussions with people at conferences, the main problem is > >the stringent security contraints inside GlassFish. Tapestry does > >some "non-kosher" things in terms of creating class loaders and using > >reflection (a lot of this is related to using Javassist), and these > >things need to be expressly allowed using a security file. > > > >I'd love to see someone work through those issues and post to the wiki > >the necessary security configuration changes that are needed. > > > > > >On 3/13/06, Shreedhar Ganapathy <[EMAIL PROTECTED]> wrote: > > > > > >>Hello > >>I am part of the GlassFish project that is developing an open source > >>application server based on Java EE 5. (http://glassfish.dev.java.net). > >> > >>We are looking to better understand how well popular frameworks, and > >>apps work with GlassFish. > >>These have the dual benefits of identifying any bugs/issues, and growing > >>the adoption of both the framework itself, and GlassFish. > >> > >>Could you share any pointers you may have to any blogs, mailing list > >>questions or articles that cover experiences/issues with deploying and > >>running any Tapestry based Apps with GlassFish ? > >> > >>best regards > >> > >>Shreedhar Ganapathy > >>Staff Engineer, > >>Sun Microsystems, Inc. > >>PS: I am not on this mailing list. > >> > >>--------------------------------------------------------------------- > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > >>For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > >> > > > > > >-- > >Howard M. Lewis Ship > >Independent J2EE / Open-Source Java Consultant > >Creator, Jakarta Tapestry > >Creator, Jakarta HiveMind > > > >Professional Tapestry training, mentoring, support > >and project work. http://howardlewisship.com > > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
