[cdi-dev] [JBoss JIRA] (CDI-597) Make Principal unwrappable
Arjan t (JIRA)
issues at jboss.org
Wed Apr 6 11:34:00 EDT 2016
[ https://issues.jboss.org/browse/CDI-597?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13187837#comment-13187837 ]
Arjan t commented on CDI-597:
-----------------------------
{quote}it is in JAAS {quote}
But not all application servers use JAAS, and JAAS is not a mandatory part of Java EE or Servlet. Unless... unless you're referring to the JASPIC LoginModule bridge profile ;) But then the {{CallerPrincipalCallback}} is the primary artifact to deal with, and the SAM just gets the {{Principal}} from the {{LoginModule}}.
{quote}
+100 to move it to security spec. That said it means principal injection moves too since today it is in CDI (shouldn't have been I agree)
{quote}
Okay, would be great if we can make this happen.
> Make Principal unwrappable
> --------------------------
>
> Key: CDI-597
> URL: https://issues.jboss.org/browse/CDI-597
> Project: CDI Specification Issues
> Issue Type: Epic
> Reporter: Romain Manni-Bucau
>
> CDI allows to get injected a Principal but often you need to access the actual Principal instance when you need more than a name. Since the injection is a proxy (otherwise it would be broken in most of scoped wrapper instances cases) we would need a CDI solution to unwrap this instance.
> Solution I see without creating a new kind of API but just something specific to this case: CDIPrincipal extends Principal { <T> T unwrap(Class<T> t) } and allow to get it injected directly as Principal today.
> This issue can be linked to CDI-10 but here it is safe to add unwrap() where on CDI-10 it is not (too general).
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the cdi-dev
mailing list