[jboss-jira] [JBoss JIRA] (WFLY-11137) Make undertow extension module's dependency on org.jboss.as.security module optional
Brian Stansberry (Jira)
issues at jboss.org
Wed Oct 17 14:49:00 EDT 2018
[ https://issues.jboss.org/browse/WFLY-11137?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13649541#comment-13649541 ]
Brian Stansberry commented on WFLY-11137:
-----------------------------------------
[~yersan] Does the SPNEGO mechanism undertow is setting up in ServletContainerAdd work if the legacy security subsystem is not present? (Darran would know if you haven't already discussed it with him.)
> Make undertow extension module's dependency on org.jboss.as.security module optional
> ------------------------------------------------------------------------------------
>
> Key: WFLY-11137
> URL: https://issues.jboss.org/browse/WFLY-11137
> Project: WildFly
> Issue Type: Task
> Components: Security, Web (Undertow)
> Reporter: Brian Stansberry
> Assignee: Yeray Borges
> Priority: Major
>
> Don't require the legacy security subsystem module if it's not actually used.
> Usage looks like this:
> {code}
> wildfly bstansberry$ cd undertow/
> undertow bstansberry$ git grep org.jboss.as.security
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentInfoService.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.deployment.AbstractSecurityDeployer;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.deployment.SecurityAttachments;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.service.JaccService;
> src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentProcessor.java:import org.jboss.as.security.service.SecurityDomainService;
> src/main/java/org/wildfly/extension/undertow/security/DigestCredentialImpl.java:import org.jboss.as.security.DigestCredential;
> src/main/java/org/wildfly/extension/undertow/security/JAASIdentityManagerImpl.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/security/SecurityContextThreadSetupAction.java:import org.jboss.as.security.plugins.SecurityDomainContext;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCDeployer.java:import org.jboss.as.security.deployment.AbstractSecurityDeployer;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCDeployer.java:import org.jboss.as.security.service.JaccService;
> src/main/java/org/wildfly/extension/undertow/security/jacc/WarJACCService.java:import org.jboss.as.security.service.JaccService;
> {code}
> Dropping the use of SecurityAttachments from UndertowDeploymentProcessor and instead having it check for the presence of the org.wildfly.legacy-security capability will go a long way here. After that, most if not all of the other uses only get called either as a result of that check being true, or some config attribute that directly or indirectly references a security domain. IOW the other uses are only needed if the security subsystem is known to be configured.
> Per Intellij, DigestCredentialImpl is unused.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list