5:05 p.m.
So, I am reworking this addon for the third time now.
I reached to the conclusion that I will create a mirroring SecurityFacet
implementation for every ServletFacet implementation (2_5, 3_0, 3_1).
Before you jumping at me, I would like to share some code. :)
public interface SecurityFacet<DESCRIPTOR extends WebAppCommonDescriptor>
{
public void addLoggingConfig(AuthenticationMethod method, String realmName);
}
public interface SecurityFacet_2_5 extends
SecurityFacet<org.jboss.shrinkwrap.descriptor.api.webapp25.WebAppDescriptoWebAppDescriptor>
public class SecurityFacetImpl_2_5 extends ServletFacetImpl_2_5
implements SecurityFacet_2_5
Before that though, I wonder is there a possibility to somehow inject the
needed ServletFacetImpl inside its corresponding SecurityFacetImpl, i.e.
compose it? I am doing it now with inheritance, but I don't quite like it
because of the DependencyInstaller dependency in the ServletFacetImpl
constructors. Which I need to explicitly create a constructor in the
SecurityFacetImpl for:
@Inject
public SecurityFacetImpl_2_5(DependencyInstaller installer)
{
super(installer);
}
I will share later some code, but please tell me whether composition over
inheritance will work in case of facets?
Thanks,
Ivan
On Mon, Oct 13, 2014 at 2:17 PM, Ivan St. Ivanov <ivan.st.ivanov(a)gmail.com>
wrote:
OK, George, should I read your answers as: "Yes, Ivan, go on and
implement
the security command(s) in the javaee addon. You may use the picketlink
addon as reference, but follow the spec" :)
On Mon, Oct 13, 2014 at 10:22 AM, George Gastaldi <ggastald(a)redhat.com>
wrote:
> I am not sure, since the PicketLink addon is specific to PicketLink, and
> not plain JavaEE security. Perhaps we need to introduce a new command in
> the javaee addon.
>
>
>
> Em 13/10/2014, às 10:01, Ivan St. Ivanov <ivan.st.ivanov(a)gmail.com>
> escreveu:
>
> Hi George,
>
> Thanks, I'll look at it!
>
> Do you think it is reasonable to close
> https://issues.jboss.org/browse/FORGEPLUGINS-152?
>
> Regards,
> Ivan
>
>
>
> On Mon, Oct 13, 2014 at 12:05 AM, George Gastaldi <ggastald(a)redhat.com>
> wrote:
>
>> Have you checked the Picketlink addon?
>>
>>
>> http://forge.jboss.org/addon/org.picketlink.tools.forge:picketlink-forge-...
>>
>> Check it out, because I believe it already does some stuff that you are
>> looking for.
>>
>> Em 12/10/2014, às 22:32, Ivan St. Ivanov <ivan.st.ivanov(a)gmail.com>
>> escreveu:
>>
>> Hi folks,
>>
>> I wanted to add a new addon to Forge that handles the Java EE security
>> topics:
>>
>> - Add constraints to some resources
>> - Setup authentication mechanism (form, basic, digest, etc.)
>> - Assign realm to security constraints
>> - Create security roles
>> - If the realm is JDBC and JPA facet is installed, add an entity along
>> with some named queries
>>
>> I looked in the Forge JIRA whether there is something like that and I
>> found this issue created almost a year and a half ago:
>>
>> https://issues.jboss.org/browse/FORGEPLUGINS-152
>>
>> I read in the description though, that the addon should be also able to
>> setup groups and users inside a realm. Isn't that too server specific if
>> the realm is not JDBC? Maybe we could continue the communication in the
>> issue, so whoever is interested my add themselves as a watcher there?
>>
>> Cheers,
>> Ivan
>>
>> _______________________________________________
>> forge-dev mailing list
>> forge-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/forge-dev
>>
>>
>> _______________________________________________
>> forge-dev mailing list
>> forge-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/forge-dev
>>
>
> _______________________________________________
> forge-dev mailing list
> forge-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/forge-dev
>
>
> _______________________________________________
> forge-dev mailing list
> forge-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/forge-dev
>