[
https://issues.apache.org/jira/browse/ROL-1274?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Glen Mazza closed ROL-1274.
---------------------------
Resolution: Unresolved
Item from 2006 against obsoleted ACEGI security; unsure how relevant this
matter is today, I can't find many (actually any) Spring security.xml files on
the 'Net that are using import in this manner, nor am I sure which keys
precisely are being referred to in this item. Spring security doesn't appear
to explain this approach in its documentation.
If doing advanced configuration like LDAP the default security.xml in the
Roller WAR will need to be altered. At that stage perhaps the imports can be
put in the file, allowing some configuration to remain outside the WAR.
> Make it easier to create and maintain custom ACEGI security keys in
> WEB-INF/security.xml
> ----------------------------------------------------------------------------------------
>
> Key: ROL-1274
> URL: https://issues.apache.org/jira/browse/ROL-1274
> Project: Apache Roller
> Issue Type: Improvement
> Affects Versions: 3.0
> Reporter: Sean Gilligan
> Assignee: Roller Unassigned
> Attachments: ASF.LICENSE.NOT.GRANTED--roller_security_xml.diff,
> ASF.LICENSE.NOT.GRANTED--security-custom.xml
>
>
> security.xml should use the Spring <import> tag to load the keys from a
> seperate file. That way most installations will not have to edit
> security.xml, but can insead edit security-custom.xml. This also simplifies
> maintaining a custom build since you can change security-custom.xml and not
> have to worry about security.xml changing.
> Patch attached.
> (I know that the Spring docs discourages use of <import>, but in this case it
> is the right thing to do.)
--
This message was sent by Atlassian JIRA
(v6.2#6252)
