[JBoss JIRA] (WFLY-7574) Elytron "expressions-allowed" => true attributes

Thursday, 1 December 2016



     [
https://issues.jboss.org/browse/WFLY-7574?page=com.atlassian.jira.plugin....
]

Jan Kalina reassigned WFLY-7574:
--------------------------------

    Assignee: Jan Kalina


...
 Elytron "expressions-allowed" => true attributes
 ------------------------------------------------

                 Key: WFLY-7574
                 URL: https://issues.jboss.org/browse/WFLY-7574
             Project: WildFly
          Issue Type: Bug
          Components: Security
    Affects Versions: 11.0.0.Alpha1
            Reporter: Martin Choma
            Assignee: Jan Kalina

 Please review these usage of "expressions-allowed" => true
 * class names and module names
 {code}
 /custom-role-mapper/module
 /custom-role-mapper/class-name
 /constant-permission-mapper/module
 /constant-permission-mapper/class-name
 /simple-permission-mapper/permission-mappings/module
 /simple-permission-mapper/permission-mappings/class-name
 /custom-permission-mapper/module
 /custom-permission-mapper/class-name
 /custom-name-rewriter/module
 /custom-name-rewriter/class-name
 /custom-principal-decoder/module
 /custom-principal-decoder/class-name
 /custom-realm-mapper/module
 /custom-realm-mapper/class-name
 /service-loader-http-server-mechanism-factory/module
 /service-loader-sasl-server-factory/module
 /custom-modifiable-realm/module
 /custom-modifiable-realm/class-name
 /custom-credential-security-factory/module
 /custom-credential-security-factory/class-name
 /custom-role-decoder/module
 /custom-role-decoder/class-name
 /custom-realm/module
 /custom-realm/class-name
 {code}
 Brian: "Traditionally we also don't allow expressions on attributes whose values
are classnames or module names
 TBH there is no great reason for that, beyond a feeling that it will allow greater
flexibility for future changes at little practical cost
 but it's what we've done and we might as well stick to it"
 * referencing another services
 {code}
 /sasl-authentication-factory/mechanism-configurations/mechanism-realm-configurations
 /http-authentication-factory/mechanism-configurations/mechanism-realm-configurations
 /ldap-key-store/dir-context
 /server-ssl-context/provider-loader
 /client-ssl-context/provider-loader
 /filtering-key-store/key-store
 /dir-context/ssl-context
 /ldap-realm/dir-context
 /trust-managers/key-store
 /trust-managers/provider-loader
 /key-managers/key-store
 /key-managers/provider-loader
 /credential-store/relative-to
 /credential-store/provider-loader
 {code} 


--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006