[wildfly-dev] Time to remove *-elytron.xml Configurations

Darran Lofthouse darran.lofthouse at jboss.com
Sun Dec 11 10:00:09 EST 2016


On 09/12/16 16:34, Scott Marlow wrote:
> After we have completely switched to Elytron, will there be
> *-legacy.xml files for switching back to Picketbox?

I do not expect so.

For anyone who identifies a need to use the PicketBox based security I 
think our best option is to provide the management ops to add it back. 
For anyone else already using PicketBox I would expect them to bring 
their old configuration to WildFly 11 and so will be unaffected by this 
discussion.

> On Fri, Dec 9, 2016 at 6:27 AM, Darran Lofthouse
> <darran.lofthouse at jboss.com> wrote:
>> I think it is now time to start removing the *-elytron.xml
>> configurations from the feature packs, these were added so we could
>> start to get Elytron enabled in isolation.  As more and more is
>> integrated it makes less sense to keep the isolation, and if anything it
>> is starting to make things harder such as testing.
>>
>> The default configuration I have planned is for components to be updated
>> to reference Elytron and for the Elytron configuration to be closely
>> aligned with the existing default configuration, i.e. Digest
>> authentication, backed by properties file and local authentication.
>>
>> We did think if we should enable stronger authentication immediately but
>> that will break the existing clients already out there, if we do this in
>> stages the clients should have had a chance to be updated to Elytron so
>> when we do switch to stronger authentication by default the clients will
>> be ready.
>>
>> So step 1, I will move the Elytron extension and subsystem definition(s)
>> into the existing configurations we ship and remove the *-elytron.xml
>> definitions.
>>
>> We will then incrementally update resources that reference security
>> services to reference Elytron capabilities.
>>
>> Regards,
>> Darran Lofthouse.
>>
>> _______________________________________________
>> wildfly-dev mailing list
>> wildfly-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/wildfly-dev


More information about the wildfly-dev mailing list