I've created a J2EE application using a set of libraries. Works like a charm. Now it needs to be deployed into production. Our admin is very cautious about execution security and requires the permissions granted explicitly. Going through all the code and looking up security requirements (especially the custom libraries) is time consuming and I'll probably will miss things out. Is there a way in Tomcat or Websphere to run the application and just log the security requirements used during the run (In a fully ideal world: save in a format directly usable for the security manager).
+1
A:
What you describe sounds like IBM Alphaworks Sword4J. Not tried it and it doesn't sound like an approach I'd want to take from an availability point of view, but I'd love to hear any experiences with it.
Tom Hawtin - tackline
2010-03-03 02:14:59
Seems it looks like a tool for OSGI bundles rather than J2EE environments, but I'll have a look and ask the authors.
stwissel
2010-03-03 15:13:35