[
https://issues.jboss.org/browse/WFLY-2581?page=com.atlassian.jira.plugin....
]
Darran Lofthouse updated WFLY-2581:
-----------------------------------
Description:
The quick start accesses the currently authenticated user, unfortunately this
representation is with a bunch of internal implementation classes.
• org.jboss.as.domain.management.security.RealmUser.
• org.jboss.as.security.remoting.RemotingContext.
• org.jboss.as.controller.security.SubjectUserInfo
The first problem is the RemotingContext, we use it internally to associate the remoting
connection with the thread processing the request, the only reason we really use it is to
obtain the identity of the user associated with the connection, we may be better
simplifying this down to just associate a simple ConnectionSecurityContext with the thread
instead.
Secondly once we have used the identity associated with the connection we clear the
association, this is probably the wrong way round and instead we should be setting
something to say we have used the identity.
The SubjectUserInfo is essentially the ConnectionSecurityContext I mention above, we need
a simple representation of this that can be used.
Finally there is RealmUser, we should also add RealmGroup - these two classes just need to
be in their own public module or inherit from something that is.
As a closing point should these be marked as deprecated? Security services are being
re-worked in WildFly and this whole quick start is just an alternative solution to the new
services.
was:The quick start accesses the currently authenticated user, unfortunately this
representation is with a bunch of internal implementation classes.
Provide API for use by ejb-security-interceptors quick start.
-------------------------------------------------------------
Key: WFLY-2581
URL:
https://issues.jboss.org/browse/WFLY-2581
Project: WildFly
Issue Type: Task
Security Level: Public(Everyone can see)
Components: Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 8.0.1.Final
The quick start accesses the currently authenticated user, unfortunately this
representation is with a bunch of internal implementation classes.
• org.jboss.as.domain.management.security.RealmUser.
• org.jboss.as.security.remoting.RemotingContext.
• org.jboss.as.controller.security.SubjectUserInfo
The first problem is the RemotingContext, we use it internally to associate the remoting
connection with the thread processing the request, the only reason we really use it is to
obtain the identity of the user associated with the connection, we may be better
simplifying this down to just associate a simple ConnectionSecurityContext with the thread
instead.
Secondly once we have used the identity associated with the connection we clear the
association, this is probably the wrong way round and instead we should be setting
something to say we have used the identity.
The SubjectUserInfo is essentially the ConnectionSecurityContext I mention above, we need
a simple representation of this that can be used.
Finally there is RealmUser, we should also add RealmGroup - these two classes just need
to be in their own public module or inherit from something that is.
As a closing point should these be marked as deprecated? Security services are being
re-worked in WildFly and this whole quick start is just an alternative solution to the new
services.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira