David M Lloyd, Stefan, Flavia and I had a high level discussion on supporting Java Security Manager in AS8 in line with the needs of EE7 and JBoss Modules.
Internal reference: http://etherpad.corp.redhat.com/FaKiGVezLI
We had an etherpad discussion.
February 20, 2013
DML did some work: https://github.com/dmlloyd/jboss-modules/compare/dc534ef...f4c74be
(03:25:18 PM) dmlloyd: asaldhan, sguilhen, Nihility and anyone else who might be an expert on classloaders+permissions, could you please give that a lookover? (03:25:33 PM) dmlloyd: basically I allow a module to be built with a permission collection (03:25:42 PM) dmlloyd: if none is given, a collection with just AllPermission in it is used (03:25:55 PM) dmlloyd: then I add in a parser in module.xml to create permission specs (03:26:12 PM) dmlloyd: finally I use a lazy-loading permission collection object to load in permission types (03:27:00 PM) dmlloyd: this should work with any security manager, I think... (03:30:38 PM) jamezp: This has nothing to do with whether it's valid or not, but just a minor code inconsistency, https://github.com/dmlloyd/jboss-modules/blob/f4c74be46a512e52e757b43be5ab959a30677f84/src/main/java/org/jboss/modules/ModuleSpec.java#L277 (03:30:39 PM) jbossbot: git [jboss-modules] f4c74be.. David M. Lloyd [MODULES-157] Link module.xml parsing with new permission collection facility; tie it all together (03:30:40 PM) jbossbot: jira [MODULES-157] Permissions specifications per module [Open (Unresolved) Enhancement, Major, David Lloyd] https://issues.jboss.org/browse/MODULES-157 (03:31:11 PM) jamezp: All the other methods return a qualified builder. maybe that was intentional though. (03:31:19 PM) dmlloyd: yeah I guess it should be consistent (03:31:41 PM) jamezp: It really doesn't matter I realize, it just stood out to me is all. (03:32:12 PM) dmlloyd: IDEA added that one automatically when I did "pull members up" and I didn't check it (03:32:51 PM) jamezp: Yeah, it's got me before many times. :-) (03:33:49 PM) dmlloyd: overall I'm pleased that the whole thing, parser, XSD and all is a net gain of less than 600 LOC (03:36:21 PM) jamezp: Yeah, looks clean and straight forward to me. I can't speak about the security of it as I can guarantee I know way less than you do about it.