Java96 at

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: action name comment" is extremely unhelpful for new people LoginConfig processing can silently do the wrong thing If you deploy a security realm using a LoginConfig block, and you set the login domain name to be the same for every login module in the realm, only one of the login modules is actually deployed, and no error is generated. I'm not clear why you can't have more than one login module with the same login domain in the same realm. If you have an extra login module that doesn't produce principals but works in conjunction with the main login module (for auditing, for example), then why would you need to specify a distinct login domain for it? It looks like we use the login domain name as the GBean name, but maybe we should just call them "LoginModule1" through "LoginModuleN" or something instead. Nevertheless, if this is an error condition, we should not deploy the realm with only one login module, we should throw a DeploymentException. <configuration configId="SecurityRealmAaron" parentId="org/apache/geronimo/Server" xmlns=""> <gbean name="Aaron" class=""> <attribute name="realmName">Aaron</attribute> <reference name="ServerInfo"> <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/apache/geronimo/System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name> </reference> <xml-reference name="LoginModuleConfiguration"> <log:login-config xmlns:log=""> <log:login-module control-flag="REQUIRED" server-side="true"> <log:login-domain-name>Aaron</log:login-domain-name> <log:login-module-class>org.apache.geronimo....
View Full Document

This document was uploaded on 10/12/2012.

Ask a homework question - tutors are online