[security-dev] PicketLink3 and Apache Deltaspike Dependencies

Anil Saldhana Anil.Saldhana at redhat.com
Fri Feb 15 10:18:23 EST 2013


I guess we may have to create a leaner Deltaspike security extension. 
Currently it pulls a lot of core DS classes. We may not need a lot of 
the crafty stuff
that exists in Apache DS Security Extension, just to kick in a Security 
Interceptor.

On 02/15/2013 09:09 AM, Pete Muir wrote:
> I'll try to talk to Shane synchronously, as I think this is possible.
>
> On 15 Feb 2013, at 14:54, Anil Saldhana wrote:
>
>> I think I brought over more classes than PL core needed. But things were
>> broken at runtime.  Shane took a look and said that we will pull more
>> core DS classes if we bring the additional security related classes that
>> I missed.  So we decided to revert and think of a plan B. :)
>>
>> On 02/15/2013 05:49 AM, Pete Muir wrote:
>>> Does this commit cover everything, or did you need more?
>>>
>>> https://github.com/picketlink/picketlink/commit/2a9d1894dc1e15320d227377c2dd3372651377c0
>>>
>>> Particularly the config stuff and project stage stuff I would expect us to be able remove the need for.
>>>
>>> On 15 Feb 2013, at 04:34, Jason Porter wrote:
>>>
>>>> It may not be the best option, but we should probably stick with v0.3 for now.
>>>>
>>>> Sent from my iPhone
>>>>
>>>> On Feb 14, 2013, at 18:31, Anil Saldhana <asaldhan at redhat.com> wrote:
>>>>
>>>>> Nothing needed.
>>>>>
>>>>> On Feb 14, 2013, at 6:47 PM, Jason Porter <lightguard.jp at gmail.com> wrote:
>>>>>
>>>>>> Is there anything in v0.4 you need, or can you simply get by with v0.3
>>>>>>
>>>>>> Sent from my iPhone
>>>>>>
>>>>>> On Feb 14, 2013, at 17:29, Anil Saldhana <Anil.Saldhana at redhat.com> wrote:
>>>>>>
>>>>>>> Scratch this plan.  Shane and I determined that this is larger than we
>>>>>>> originally thought -> lots of DS classes need to be forked.
>>>>>>>
>>>>>>>
>>>>>>> On 02/13/2013 10:25 AM, Anil Saldhana wrote:
>>>>>>>> Hi all,
>>>>>>>> PicketLink3 is on the final stretch of release cycles.  One of the
>>>>>>>> concerns I have had is the Apache Deltaspike dependency which is some
>>>>>>>> type of incubating snapshot. Since there are very few Deltaspike classes
>>>>>>>> (3-5 in number) that we depend on, the following strategy should work:
>>>>>>>> - Copy the source files (Retaining Apache Headers) as it is from Apache
>>>>>>>> Deltaspike to a PicketLink namespace such as : org.picketlink.deltaspike.*
>>>>>>>> - Remove the Apache Deltaspike dependency.
>>>>>>>>
>>>>>>>> In few months, when Apache Deltaspike has proper releases, we can remove
>>>>>>>> the PicketLink Deltaspike forked classes and bring back the Apache
>>>>>>>> Deltaspike dependency back.  I do not think PicketLink users will
>>>>>>>> directly code to DS classes.
>>>>>>>>
>>>>>>>> I ran this with Pete Muir, Shane and Jason Porter and they all agreed
>>>>>>>> that this is a good strategy (I did refine the strategy based on Shane's
>>>>>>>> comments).
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Anil
>>>>>>>


More information about the security-dev mailing list