On Sun, Apr 21, 2002 at 04:27:14PM -0700, Jason Dillon wrote:
> Think if we wanted
> to start signing these & performing cert verificatrion to ensure users have
> valid plugins. We can't have them changing the contents then.
This is a very good point which seems to have gotten lost in the thread.
A related point is that not all JBoss deployments are "in house". Some
of the customers of our product, which is packaged as an .ear, opt for
remotely-supported local installations (for performance and security
reasons). If we had the ability to ensure that only packages signed
with our certificate would be auto-deployed, we would use it. If we had the
ability to send out "drag and drop" updates (signed or unsigned) that would
observe the pre-existing site configs, we would use that too. A lot.
> Do you think that 2 files (.sar & .xml) is really that much more trouble to
> manage?
I don't think this point was successfully rebutted, either.
> What are the advantages to having only .sar w/ embedded config .xml?
Or, more precisely, what are the advantages of precluding any external
configuration of a packaged sar. Anyone?
There are already two advantages to externally-configured, non-exploded
deployment above.
-Michael Robinson
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
