David,
I think this is (or was) Maven's standard way of packaging a war file.
Im not opposed to changing it, but if you do, please make sure nothing else breaks (such as the hotdeploy goal)
Really? Wow. I have never used WEB-INF/classes for anything other than properties files. Ok, I'll look into it more carefully.
The issue is that RdbmsPolicy.getPermissions() gets called many times for a single checkPermission() invocation, (once per CodeSource/PermissionDomain). In the AbstractPageManager case, it is called 4-6 instead of perhaps 2-3 times per unique checkPermission() per user session. Each time, it invokes PermissionManager.getPermissions() which hits the DB, (or look like it does anyway). Worse case, we might consider caching in the principal impls to eliminate redundant lookup. Ideally, I'd like to get it down to just one access RdbmsPolicy.getPermissions(), but I do not know how to use the Subject.doAs*() methods to accomplish that yet. DLS?
Looking at RdbmsPolicy.getDefaultPolicy():
I private static String defaultPolicy = "sun.security.provider.PolicyFile";
then
Class policyClass = Class.forName(RdbmsPolicy.defaultPolicy); return (Policy) policyClass.newInstance();
Is that where the performance hit is?
Or is it in getPermissons(). This code also looks suspect to me, especially the policy.refresh():
// TODO Is there a better way to do this?
// If the permission is not found here then delegate it
// to the standard java Policy class instance.
Policy.setPolicy(RdbmsPolicy.getDefaultPolicy());
Policy policy = Policy.getPolicy();
policy.refresh();
PermissionCollection defaultPerms = policy.getPermissions(codeSource);
// Revert back to the current policy.
Policy.setPolicy(this);
// Return the default permission collection.
return defaultPerms;
Randy
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
