Hi!
Oleg Nitz wrote:
> R�> On second thought, no I don't understand what you're doing with JNDI.
> R�> First you are binding the JSMS to "jaas" and then you are creating a new
> R�> subcontext "jaas.sm" parallel to "jaas" in the root context (i.e. in the
> R�> root of JNDI you will have a "jaas" binding and a subcontext called
> R�> "jaas.sm".
> Correct.
Is there a reason why there is not instead a "jaas" context with a "sm"
subcontext, containing all SM's?
> R�> Why do you have a "." in the name BTW?) ,
> Why not?
Because it is somewhat confusing as it seems you really wanted a "sm"
subcontext to a "jaas" context.
> R�> and then on lookup you bind new JSM's into the "jaas.sm"
> R�> subcontext. Why? First of all, can there be many JSM's?
> R�> And should they really be created on the fly as you
> R�> do now if they're not already created when the lookup is done? And why
> R�> don't you simply use a hashtable where you store the JSM's instead of
> R�> the "jaas.sm" subcontext?
>
> R�> Can you please explain what you want to do with this code.
> Okay, I'll try.
> auth.conf may contain multiple "application entries".
> They correspond to different SecurityManagers and/or RealmMappings,
> different beans may refer to different "application entries".
> For each application entry in auth.conf, say "MySecurity", I want to
> create new JSM("MySecurity") and to bind it to JNDI name
> "jaas/SecurityView". But JAAS doesn't give a possibility to get
> the list of all application entry names, and this operation actually
> doesn't make sense, because auth.conf contains the default "other"
> entry, so that if "MySecurity" is not found in auth.conf, "other"
> should be silently used. Therefore, I cannot statically bind security
> managers on JSMS startup, but I have to bind them during
> deployment, when the correspondent JNDI lookup is being performed.
> I am no expert in JDNI, so I have implemented the only solution of
> this problem that I have found: JSMS is bound to "jaas" JNDI
> name, and returns Context, to which JSM is lazily added.
> If you tell me how can this be implemented in some easier way,
> I shall follow your recommendations ASAP.
Yes, I see now. Basically you want a "jaas" context with a bunch of
JSM's in it, right? So, basically you could change the JSMS object
factory to lookup JSM's from a hashtable based on the rest of the name
(i.e. almost as you do now). If no JSM is found, then put a new one into
the hashtable.
Makes sense?
/Rickard
--
Rickard �berg
Email: [EMAIL PROTECTED]
http://www.telkel.com
http://www.jboss.org
http://www.dreambean.com
