Re: [wildfly-dev] Time to remove *-elytron.xml Configurations
On 09/12/16 16:34, Scott Marlow wrote:
After we have completely switched to Elytron, will there be
*-legacy.xml files for switching back to Picketbox?
I do not expect so.
For anyone who identifies a need to use the PicketBox based security I
think our best option is to provide the management ops to add it back.
For anyone else already using PicketBox I would expect them to bring
their old configuration to WildFly 11 and so will be unaffected by this
discussion.
On Fri, Dec 9, 2016 at 6:27 AM, Darran Lofthouse
<darran.lofthouse(a)jboss.com> wrote:
> I think it is now time to start removing the *-elytron.xml
> configurations from the feature packs, these were added so we could
> start to get Elytron enabled in isolation. As more and more is
> integrated it makes less sense to keep the isolation, and if anything it
> is starting to make things harder such as testing.
>
> The default configuration I have planned is for components to be updated
> to reference Elytron and for the Elytron configuration to be closely
> aligned with the existing default configuration, i.e. Digest
> authentication, backed by properties file and local authentication.
>
> We did think if we should enable stronger authentication immediately but
> that will break the existing clients already out there, if we do this in
> stages the clients should have had a chance to be updated to Elytron so
> when we do switch to stronger authentication by default the clients will
> be ready.
>
> So step 1, I will move the Elytron extension and subsystem definition(s)
> into the existing configurations we ship and remove the *-elytron.xml
> definitions.
>
> We will then incrementally update resources that reference security
> services to reference Elytron capabilities.
>
> Regards,
> Darran Lofthouse.
>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev