Rickard �berg wrote:
R�> Oleg Nitz wrote:
>> RO> Why?
>> Because after the last cvs update I get "not serializable" exception
>> on deployment :-)
>> I guess, this is because JaasSecurityManager is bound to JNDI and
>> something has been changed in JNP.
R�> On second thought, no I don't understand what you're doing with JNDI.
R�> First you are binding the JSMS to "jaas" and then you are creating a new
R�> subcontext "jaas.sm" parallel to "jaas" in the root context (i.e. in the
R�> root of JNDI you will have a "jaas" binding and a subcontext called
R�> "jaas.sm".
Correct.
R�> Why do you have a "." in the name BTW?) ,
Why not?
R�> and then on lookup you bind new JSM's into the "jaas.sm"
R�> subcontext. Why? First of all, can there be many JSM's?
R�> And should they really be created on the fly as you
R�> do now if they're not already created when the lookup is done? And why
R�> don't you simply use a hashtable where you store the JSM's instead of
R�> the "jaas.sm" subcontext?
R�> Can you please explain what you want to do with this code.
Okay, I'll try.
auth.conf may contain multiple "application entries".
They correspond to different SecurityManagers and/or RealmMappings,
different beans may refer to different "application entries".
For each application entry in auth.conf, say "MySecurity", I want to
create new JSM("MySecurity") and to bind it to JNDI name
"jaas/SecurityView". But JAAS doesn't give a possibility to get
the list of all application entry names, and this operation actually
doesn't make sense, because auth.conf contains the default "other"
entry, so that if "MySecurity" is not found in auth.conf, "other"
should be silently used. Therefore, I cannot statically bind security
managers on JSMS startup, but I have to bind them during
deployment, when the correspondent JNDI lookup is being performed.
I am no expert in JDNI, so I have implemented the only solution of
this problem that I have found: JSMS is bound to "jaas" JNDI
name, and returns Context, to which JSM is lazily added.
If you tell me how can this be implemented in some easier way,
I shall follow your recommendations ASAP.
Best regards,
Oleg
