This is perhaps a too precise question about seam security ? What is the best way to contact the authors ? I'm perhaps not the only one in that situation ?
From my understanding, JpaIdentityStore and JpaPermissionStore seems to be responsible.
I see two solutions, tell me if I'm wrong :
1 -> transform Seam identity to split implementation into smaller packages and separate Jpa Dependency (why not create an Ldap Dependency based on groups for permission, etc.)
2 -> keep it the same, and find a trick to avoid connecting to a 'real' persistence provider, and DB.
Shane is the one to contact for Security questions. Good ideas though about how to make this easier
The reason we have the transaction interceptor enabled for the security is because of the action classes in the org.jboss.seam.security.management.action package. We did have a plan to make these abstract classes, and have the user extend/implement these themselves if they wanted to use identity management in their application, meaning the transaction interceptor would be no longer required.
Could you please raise a JIRA issue and assign it to me, and I'll try to get this done for the next release.