[jboss-jira] [JBoss JIRA] (WFLY-8323) The datasources and resource-adapters subsystems introduce hard requirements for the legacy security subsystem

Brian Stansberry (JIRA) issues at jboss.org
Thu Mar 9 08:13:00 EST 2017 

     [ https://issues.jboss.org/browse/WFLY-8323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brian Stansberry updated WFLY-8323:
-----------------------------------
    Description: 
There are code paths in the connector module that result in dependencies on services provided by the legacy security subsystem being added to ds and r-a services even though the ds or r-a config doesn't require the depended on services. This will force users to retain the legacy subsystem in their config even though it is otherwise unnecessary.

The services are org.jboss.as.security.service.SubjectFactoryService and org.jboss.as.security.service.SimpleSecurityManagerService.



  was:
There are code paths in the connector module that result in dependencies on services provided by the legacy security subsystem being added to ds and r-a services even though the ds or r-a config doesn't require the depended on services. This will force users to retain the legacy subsystem in their config even though it is otherwise unnecessary.

The services are org.jboss.as.security.service.SubjectFactoryService and org.jboss.as.security.service.SimpleSecurityManagerService.

Related to this, the configuration xml includes some 'elytron-enabled' attributes that appear to be redundant, since 'authentication-context' attributes indicate a need for elytron. I believe resolving the main subject of this JIRA may help clarify whether those attributes are adding value, since a fix will involve analysis of what scenarios indicate a requirement for the legacy security services and what do not. If all those cases can be identified without resorting to the user declaring 'elytron-enabled' that's a good sign that 'elytron-enabled' is not adding value.



> The datasources and resource-adapters subsystems introduce hard requirements for the legacy security subsystem
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: WFLY-8323
>                 URL: https://issues.jboss.org/browse/WFLY-8323
>             Project: WildFly
>          Issue Type: Bug
>          Components: JCA
>            Reporter: Brian Stansberry
>            Assignee: Brian Stansberry
>            Priority: Critical
>
> There are code paths in the connector module that result in dependencies on services provided by the legacy security subsystem being added to ds and r-a services even though the ds or r-a config doesn't require the depended on services. This will force users to retain the legacy subsystem in their config even though it is otherwise unnecessary.
> The services are org.jboss.as.security.service.SubjectFactoryService and org.jboss.as.security.service.SimpleSecurityManagerService.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list