So, I am reworking this addon for the third time now.

I reached to the conclusion that I will create a mirroring SecurityFacet implementation for every ServletFacet implementation (2_5, 3_0, 3_1). Before you jumping at me, I would like to share some code. :)

public interface SecurityFacet<DESCRIPTOR extends WebAppCommonDescriptor> 
{
public void addLoggingConfig(AuthenticationMethod method, String realmName);
}

public interface SecurityFacet_2_5 extends 
    SecurityFacet<org.jboss.shrinkwrap.descriptor.api.webapp25.WebAppDescriptoWebAppDescriptor>
public class SecurityFacetImpl_2_5 extends ServletFacetImpl_2_5 implements SecurityFacet_2_5
Before that though, I wonder is there a possibility to somehow inject the needed ServletFacetImpl inside its corresponding SecurityFacetImpl, i.e. compose it? I am doing it now with inheritance, but I don't quite like it because of the DependencyInstaller dependency in the ServletFacetImpl constructors. Which I need to explicitly create a constructor in the SecurityFacetImpl for:
@Inject
public SecurityFacetImpl_2_5(DependencyInstaller installer)
{
super(installer);
}


I will share later some code, but please tell me whether composition over inheritance will work in case of facets?

Thanks,
Ivan

On Mon, Oct 13, 2014 at 2:17 PM, Ivan St. Ivanov <ivan.st.ivanov@gmail.com> wrote:
OK, George, should I read your answers as: "Yes, Ivan, go on and implement the security command(s) in the javaee addon. You may use the picketlink addon as reference, but follow the spec" :)

On Mon, Oct 13, 2014 at 10:22 AM, George Gastaldi <ggastald@redhat.com> wrote:
I am not sure, since the PicketLink  addon is specific to PicketLink, and not plain JavaEE security. Perhaps we need to introduce a new command in the javaee addon.



Em 13/10/2014, às 10:01, Ivan St. Ivanov <ivan.st.ivanov@gmail.com> escreveu:

Hi George,

Thanks, I'll look at it!

Do you think it is reasonable to close https://issues.jboss.org/browse/FORGEPLUGINS-152?

Regards,
Ivan



On Mon, Oct 13, 2014 at 12:05 AM, George Gastaldi <ggastald@redhat.com> wrote:
Have you checked the Picketlink addon? 
Check it out, because I believe it already does some stuff that you are looking for.

Em 12/10/2014, às 22:32, Ivan St. Ivanov <ivan.st.ivanov@gmail.com> escreveu:

Hi folks,

I wanted to add a new addon to Forge that handles the Java EE security topics:

- Add constraints to some resources
- Setup authentication mechanism (form, basic, digest, etc.)
- Assign realm to security constraints
- Create security roles
- If the realm is JDBC and JPA facet is installed, add an entity along with some named queries

I looked in the Forge JIRA whether there is something like that and I found this issue created almost a year and a half ago:


I read in the description though, that the addon should be also able to setup groups and users inside a realm. Isn't that too server specific if the realm is not JDBC? Maybe we could continue the communication in the issue, so whoever is interested my add themselves as a watcher there?

Cheers,
Ivan
_______________________________________________
forge-dev mailing list
forge-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev

_______________________________________________
forge-dev mailing list
forge-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev

_______________________________________________
forge-dev mailing list
forge-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev

_______________________________________________
forge-dev mailing list
forge-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev