On Thu, Jan 27, 2011 at 3:44 AM, Kumar.Jayanti <Vbkumar.Jayanti_at_sun.com>wrote:
> It depends on whether BigCo's EAR uses any security (using descriptors
> and/or annotations). If it did then GlassFish will ensure it will generate
> appropriate policy when the EAR was deployed to control its access.
>
I understand how Glassfish works when either the default or in-memory JACC
provider is selected. I am talking about the case where (a) I supply a new
JACC provider and (b) unbeknownst to me BigCo has done the same. In such a
case, it seems to me that Glassfish policy generation is beside the point,
since the policy provider in question may not even read those files.
Again, what happens when I replace the BigCo-authored JACC policy provider
that BigCo was relying upon?
Best,
Laird