(too many typos!)
If indeed @Configured MessageSecurityConfig is *not* a singleton, then
it has a bug. The 'AuthLayer' attribute will need to be annotated as
its key value so that it has a name, and so that more than one can
exist without an MBean ObjectName conflict.
Proposed change marks the attribute as a key value:
@Attribute(key=true) <=== add key=true
@NotNull
public String getAuthLayer();
Lloyd
On Jun 19, 2009, at 11:11 AM, Lloyd Chambers wrote:
> If indeed @Configured MessageSecurityConfig is *not* a singleton,
> then it has a bug. The 'AuthLayer' attribute will need to marked as
> its key value so that it has a name, and so that more than one can
> exist with an MBean name conflict.
>
> Proposed changed:
>
> @Attribute(key=true) <=== add key=true
> @NotNull
> public String getAuthLayer();
>
> Lloyd
>
> On Jun 19, 2009, at 3:06 AM, Kumar Jayanti wrote:
>
>> Anissa Lam wrote:
>>>
>>>
>>> I have some questions regarding <message-security-config>
>>>
>>> sun-domain_1_3.dtd specifies
>>>
>>> <!ENTITY % message-layer "(SOAP | HttpServlet)">
>>> <!ELEMENT security-service
>>> (auth-realm+, jacc-provider+, audit-module*, message-
>>> security-config*, property*)>
>>> <!ATTLIST message-security-config
>>> auth-layer %message-layer; #REQUIRED
>>> default-provider CDATA #IMPLIED
>>> default-client-provider CDATA #IMPLIED>
>>>
>>> Kumar mentioned user can create as many as they want.
>> It maynot be as many as they want (i should have been more clear)
>> but there have to be atleast 2 one for message-layer SOAP and
>> another one for HttpServlet.
>>> However, in CLI, there is no create-message-security-config
>>> command. (both v2 and v3)
>> The command in V2 is :
>> Usage: create-message-security-provider [--terse=false] [--
>> echo=false] [--interactive=true] [--host localhost] [--port 4848|
>> 4849] [--secure | -s] [--user admin_user] [--passwordfile
>> file_name] [--target target(Default server)] --classname
>> provider_class [--layer message_layer=SOAP] [--providertype
>> provider_type] [--requestauthsource request_auth_source] [--
>> requestauthrecipient request_auth_recipient] [--responseauthsource
>> response_auth_source] [--responseauthrecipient
>> response_auth_recipient] [--isdefaultprovider] [--property
>> (name=value)[:name=value]*] provider_name
>>
>> And you can see the message_layer argument there which is defaulted
>> to SOAP.
>>>
>>> In MessageSecurityConfig.java, it is declared as Singleton:
>>>
>>>
>>> @org
>>> .glassfish
>>> .api
>>> .amx
>>> .AMXConfigInfo
>>> ( amxInterfaceName
>>> ="com.sun.appserv.management.config.MessageSecurityConfig",
>>> singleton=true)
>>> @Configured
>>> public interface MessageSecurityConfig extends
>>> ConfigBeanProxy, Injectable
>>>
>>> So, how can we have a message-security-config with a message-
>>> layer of "HttpServlet" ?
>>>
>> I guess this needs to be corrected
>>> Is <message-security-config> a singleton ?
>>>
>> No.
>>
>> regards,
>> kumar
>>
>>> If this is not singleton, then AMX needs to make changes.
>>> Currently, it is v3:pp=/domain/configs/config[server-config]/
>>> security-service,type=message-security-config without any unique
>>> identifier.
>>>
>>> Should GUI support the creation of additional message-security-
>>> config ? Can the security team let me know please ?
>>>
>>> thanks
>>> Anissa.
>>>
>>>
>>> --------------------------------------------------------------------- To
>>> unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net For
>>> additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>>
>
> Lloyd Chambers
> lloyd.chambers_at_sun.com
> GlassFish Team
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>
Lloyd Chambers
lloyd.chambers_at_sun.com
GlassFish Team