[forge-dev] Security addon in Forge

Ivan St. Ivanov ivan.st.ivanov at gmail.com
Sat Jan 3 18:26:00 EST 2015


Sorry, forget about it. I put my new methods in the servlet facet :)

On Sun, Jan 4, 2015 at 1:05 AM, Ivan St. Ivanov <ivan.st.ivanov at gmail.com>
wrote:

> So, I am reworking this addon for the third time now.
>
> I reached to the conclusion that I will create a mirroring SecurityFacet
> implementation for every ServletFacet implementation (2_5, 3_0, 3_1).
> Before you jumping at me, I would like to share some code. :)
>
> public interface SecurityFacet<DESCRIPTOR extends WebAppCommonDescriptor>
> {
>    public void addLoggingConfig(AuthenticationMethod method, String realmName);
> }
>
> public interface SecurityFacet_2_5 extends     SecurityFacet<org.jboss.shrinkwrap.descriptor.api.webapp25.WebAppDescriptoWebAppDescriptor>
>
> public class SecurityFacetImpl_2_5 extends ServletFacetImpl_2_5 implements SecurityFacet_2_5
>
> Before that though, I wonder is there a possibility to somehow inject the
> needed ServletFacetImpl inside its corresponding SecurityFacetImpl, i.e.
> compose it? I am doing it now with inheritance, but I don't quite like it
> because of the DependencyInstaller dependency in the ServletFacetImpl
> constructors. Which I need to explicitly create a constructor in the
> SecurityFacetImpl for:
>
> @Inject
> public SecurityFacetImpl_2_5(DependencyInstaller installer)
> {
>    super(installer);
> }
>
>
> I will share later some code, but please tell me whether composition over
> inheritance will work in case of facets?
>
> Thanks,
> Ivan
>
> On Mon, Oct 13, 2014 at 2:17 PM, Ivan St. Ivanov <ivan.st.ivanov at gmail.com
> > wrote:
>
>> OK, George, should I read your answers as: "Yes, Ivan, go on and
>> implement the security command(s) in the javaee addon. You may use the
>> picketlink addon as reference, but follow the spec" :)
>>
>> On Mon, Oct 13, 2014 at 10:22 AM, George Gastaldi <ggastald at redhat.com>
>> wrote:
>>
>>> I am not sure, since the PicketLink  addon is specific to PicketLink,
>>> and not plain JavaEE security. Perhaps we need to introduce a new command
>>> in the javaee addon.
>>>
>>>
>>>
>>> Em 13/10/2014, às 10:01, Ivan St. Ivanov <ivan.st.ivanov at gmail.com>
>>> escreveu:
>>>
>>> Hi George,
>>>
>>> Thanks, I'll look at it!
>>>
>>> Do you think it is reasonable to close
>>> https://issues.jboss.org/browse/FORGEPLUGINS-152?
>>>
>>> Regards,
>>> Ivan
>>>
>>>
>>>
>>> On Mon, Oct 13, 2014 at 12:05 AM, George Gastaldi <ggastald at redhat.com>
>>> wrote:
>>>
>>>> Have you checked the Picketlink addon?
>>>>
>>>>
>>>> http://forge.jboss.org/addon/org.picketlink.tools.forge:picketlink-forge-addon
>>>>
>>>> Check it out, because I believe it already does some stuff that you are
>>>> looking for.
>>>>
>>>> Em 12/10/2014, às 22:32, Ivan St. Ivanov <ivan.st.ivanov at gmail.com>
>>>> escreveu:
>>>>
>>>> Hi folks,
>>>>
>>>> I wanted to add a new addon to Forge that handles the Java EE security
>>>> topics:
>>>>
>>>> - Add constraints to some resources
>>>> - Setup authentication mechanism (form, basic, digest, etc.)
>>>> - Assign realm to security constraints
>>>> - Create security roles
>>>> - If the realm is JDBC and JPA facet is installed, add an entity along
>>>> with some named queries
>>>>
>>>> I looked in the Forge JIRA whether there is something like that and I
>>>> found this issue created almost a year and a half ago:
>>>>
>>>> https://issues.jboss.org/browse/FORGEPLUGINS-152
>>>>
>>>> I read in the description though, that the addon should be also able to
>>>> setup groups and users inside a realm. Isn't that too server specific if
>>>> the realm is not JDBC? Maybe we could continue the communication in the
>>>> issue, so whoever is interested my add themselves as a watcher there?
>>>>
>>>> Cheers,
>>>> Ivan
>>>>
>>>> _______________________________________________
>>>> forge-dev mailing list
>>>> forge-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/forge-dev
>>>>
>>>>
>>>> _______________________________________________
>>>> forge-dev mailing list
>>>> forge-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/forge-dev
>>>>
>>>
>>> _______________________________________________
>>> forge-dev mailing list
>>> forge-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/forge-dev
>>>
>>>
>>> _______________________________________________
>>> forge-dev mailing list
>>> forge-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/forge-dev
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/forge-dev/attachments/20150104/095f73ee/attachment.html 


More information about the forge-dev mailing list