Remy Maucherat wrote:
Jeanfrancois Arcand wrote:
Zzzzoui :-)
I will do that (on my own time unfortunalty, so may take a couple of weeks....)
First, it would be easier just to convert the web.xml into security permissions, and to keep internal collections, for unchecked, excluded, and role permissions than to do all this constraint processing work. A simple call to collection.implies, could then be used for the decision logic (which would be just one step short of integrating with an external jsr 115 policy provider).
Then a full jsr115 implementation can happen once I'm sure step one works :-)
Mmm, ok. I'm not quite following very well, since I didn't read the spec yet ;-) If I understand, you would implement something which would work as the JSR 115 security policy provider, but (likely :) ) simpler ?
Yes, as a first steps. It will also works without a security manager (Costin was asking for that if I remember correctly). It is a required steps to supports jsr115 anyway.
Would it be equivalent performance wise to the current solution if JSR 115 support is disabled ?
Yes, it could be if ByteChunk/MessageByte etc. are used ( can be slower also, probably the first implementation will be slower ). One way to do that will be to create our own Permission collections that re-use what we already have. I still have to think of it...I would like to do something similar to what you have done with the Mapper ( avoiding String etc.)
-- Jeanfrancois
Rémy
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
