[jboss-jira] [JBoss JIRA] (WFLY-11137) Make undertow extension module's dependency on org.jboss.as.security module optional

[Brian Stansberry (Jira)]

    [ https://issues.jboss.org/browse/WFLY-11137?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13644777#comment-13644777 ] 

Brian Stansberry commented on WFLY-11137:
-----------------------------------------

Tangent: org.jboss.as.security.deployment.SecurityAttachments should be deprecated as it encourages using a technique that requires a classloading dependency in order to do what amounts to a capability check.

> Make undertow extension module's dependency on org.jboss.as.security module optional
> ------------------------------------------------------------------------------------
>
>                 Key: WFLY-11137
>                 URL: https://issues.jboss.org/browse/WFLY-11137
>             Project: WildFly
>          Issue Type: Task
>          Components: Security, Web (Undertow)
>            Reporter: Brian Stansberry
>            Priority: Major
>
> Don't require the legacy security subsystem module if it's not actually used.
> Usage looks like this:
> {code}
> wildfly bstansberry$ cd undertow/
> undertow bstansberry$ git grep org.jboss.as.security
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentInfoService.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.deployment.AbstractSecurityDeployer;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.deployment.SecurityAttachments;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.service.JaccService;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.service.SecurityDomainService;
> src/main/java/org/wildfly/extension/undertow/security/DigestCredentialImpl.java:import org.jboss.as.security.DigestCredential;
> src/main/java/org/wildfly/extension/undertow/security/JAASIdentityManagerImpl.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/security/SecurityContextThreadSetupAction.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCDeployer.java:import org.jboss.as.security.deployment.AbstractSecurityDeployer;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCDeployer.java:import org.jboss.as.security.service.JaccService;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCService.java:import org.jboss.as.security.service.JaccService;
> {code}
> Dropping the use of SecurityAttachments from UndertowDeploymentProcessor and instead having it check for the presence of the org.wildfly.legacy-security capability will go a long way here.  After that, most if not all of the other uses only get called either as a result of that check being true, or some config attribute that directly or indirectly references a security domain. IOW the other uses are only needed if the security subsystem is known to be configured.
> Per Intellij, DigestCredentialImpl is unused.



--
This message was sent by Atlassian Jira
(v7.12.1#712002)