[
https://jira.jboss.org/jira/browse/SECURITY-244?page=com.atlassian.jira.p...
]
Stefan Guilhen commented on SECURITY-244:
-----------------------------------------
I've taken a look a this class and this is what we have now in Trunk:
- the loginConfigStack now holds Configuration objects instead of object names. Thus, when
a configuration is popped, we install the previous config in the stack. I think we still
need to add some logic so that when the stack becomes empty we install the JDK default
configuration.
- currently, whenever we push a configuration we either provide an object name for an
MBean that must implement getConfiguration(Configuration prevConfig) or an XMLLoginConfig
instance. In my opinion, this not as good as it could be, as XMLLoginConfig is not an
interface and this means that people who want to inject their own configuration need to
extend this class. A better way to do this would be to create an interface, something like
LoginConfig, and define the getConfiguration(Configuration prevConfig) method. Then change
the pushLoginConfig to accept instances of LoginConfig instead of XMLLoginConfig. In this
case, XMLLoginConfig would implement LoginConfig, allowing us to inject any LoginConfig
implementation into SecurityConfig.
Look at SecurityConfig
----------------------
Key: SECURITY-244
URL:
https://jira.jboss.org/jira/browse/SECURITY-244
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Reporter: Anil Saldhana
Assignee: Stefan Guilhen
Fix For: NO_VERSION
(11:25:04 AM) sguilhen: anil: ping... on SecurityConfig, there is a stack of
configurations... however the popLoginConfig() seems not right to me... it always
re-installs the same configuration over and over instead of installing the previous
configuration... can you take a look at it later?
(11:27:22 AM) sguilhen: anil: also, as I am going to inject XMLLoginConfig directly, I
need somehow to change this stack to keep the XMLLoginConfig instance instead of the
object name.... so I think I need to add an extra interface here to allow the use of
multiple login configurations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira