users@glassfish.java.net

Re: Security Manager default

From: Ken Paulsen <ken.paulsen_at_Sun.COM>
Date: Wed, 15 Feb 2006 11:39:36 -0800

+1 8-)

This is a good (user-experience) change.

My experience w/ a 3rd party app & the Security Manager is on my blog:
http://blogs.sun.com/paulsen

Ken

Jerome Dochez wrote:

> As you may have heard, there has been a fair amount of discussions
> about the security manager role in GF.
>
> We have been considering turning it off by default. This is motivated
> by two factors :
>
> 1. performance : The server startup, deployment, administration is
> affected by the security manager. Worse, we internally ran some
> numbers on the runtime throughput and the security manager has also an
> impact.
>
> 2. third party libraries, ease of use : As I have documented in my
> blog (http://blogs.sun.com/dochez), running third party libraries like
> Spring is not as obvious as we would like. A significant number of
> applications expect more privilege than the default ones and changing
> the rights for an application is not portable, quite obscure and
> intimidating.
>
> We have considered several options but it seems that turning off the
> security manager is likely to satisfy most external users on GlassFish
> as well as give a nice performance boost. As it is only the default
> setting, users will have to ability to turn it back on with a per
> domain configuration. I have asked Kedar to look into ways of make the
> switch (on/off) as easy as possible.
>
> Let me know if you see issues with this.
>
> Thanks, Jerome
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>