[ https://issues.apache.org/jira/browse/GERONIMO-3964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12590233#action_12590233 ]
David Jencks commented on GERONIMO-3964: ---------------------------------------- Reorganization done in rev 649325 > Concentrate spec security setup for webapps into one class. Consider not > using excluded permissions > --------------------------------------------------------------------------------------------------- > > Key: GERONIMO-3964 > URL: https://issues.apache.org/jira/browse/GERONIMO-3964 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: security > Affects Versions: 2.2 > Reporter: David Jencks > Assignee: David Jencks > Fix For: 2.2 > > > The security building code is a bit spread out between the jetty/tomcat web > module builders, the parent AbstractWebModuleBuilder, and some classes in > geronimo-security. > (1) reorganize this so its easier to understand with all the code in a single > package in the abstract web module builder module. Also, only use one call > to do all the building. > (2) Theoretically, excluded permissions are a bit weird.... why not simple > not hand out those permissions in the first place? After the reorganization > I'm planning to investigate how plausible this is. No excluded permissions > fit better into a standard rbac framework and are much easier to think about > IMO. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.