[jboss-jira] [JBoss JIRA] (WFLY-11137) Make undertow extension module's dependency on org.jboss.as.security module optional
James Perkins (Jira)
issues at jboss.org
Tue Dec 11 12:52:01 EST 2018
[ https://issues.jboss.org/browse/WFLY-11137?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Perkins updated WFLY-11137:
---------------------------------
Fix Version/s: 15.0.0.Final
> Make undertow extension module's dependency on org.jboss.as.security module optional
> ------------------------------------------------------------------------------------
>
> Key: WFLY-11137
> URL: https://issues.jboss.org/browse/WFLY-11137
> Project: WildFly
> Issue Type: Task
> Components: Security, Web (Undertow)
> Reporter: Brian Stansberry
> Assignee: Yeray Borges
> Priority: Major
> Fix For: 15.0.0.Beta1, 15.0.0.Final
>
>
> Don't require the legacy security subsystem module if it's not actually used.
> Usage looks like this:
> {code}
> wildfly bstansberry$ cd undertow/
> undertow bstansberry$ git grep org.jboss.as.security
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentInfoService.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.deployment.AbstractSecurityDeployer;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.deployment.SecurityAttachments;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.service.JaccService;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.service.SecurityDomainService;
> src/main/java/org/wildfly/extension/undertow/security/DigestCredentialImpl.java:import org.jboss.as.security.DigestCredential;
> src/main/java/org/wildfly/extension/undertow/security/JAASIdentityManagerImpl.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/security/SecurityContextThreadSetupAction.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCDeployer.java:import org.jboss.as.security.deployment.AbstractSecurityDeployer;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCDeployer.java:import org.jboss.as.security.service.JaccService;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCService.java:import org.jboss.as.security.service.JaccService;
> {code}
> Dropping the use of SecurityAttachments from UndertowDeploymentProcessor and instead having it check for the presence of the org.wildfly.legacy-security capability will go a long way here. After that, most if not all of the other uses only get called either as a result of that check being true, or some config attribute that directly or indirectly references a security domain. IOW the other uses are only needed if the security subsystem is known to be configured.
> Per Intellij, DigestCredentialImpl is unused.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list