[wildfly-dev] Weld 3 & Wildfly 11 integration - help with security needed
Stuart Douglas
stuart.w.douglas at gmail.com
Sun Apr 30 19:10:16 EDT 2017
So looking at the code I am not sure if this is possible to adapt to
Elytron without an API change on the Weld side of things.
This issue is in the Weld SecurityContext, which just as associate and
disassociate methods, while elytron uses a more functional approach.
I think this API needs to be change so SecurityContext just has a
run(PrivilidgedExceptionAction action) method, where the implementation
would look something like:
elytronDomain.getCurrentSecurityIdentity().runAs(action)
Not sure how hard to do this will be from the Weld side and I am not sure
how this method is actually used.
Stuart
On Mon, Apr 24, 2017 at 10:32 PM, Matej Novotny <manovotn at redhat.com> wrote:
> Hello,
>
> recently I decided, that Weld 3 (CDI 2.0, currently nearing Final at high
> speed) should be running on WildFly 11.
> Up until now, we had the integration based on 10.1.0.Final but for several
> reasons we want to move to 11.
>
> There were some changes and I figured out most of them but I am lost when
> it comes to security.
> I know Elytron was added but I don't know a damn thing about it - could
> anyone lend a hand here, please?
>
> The code is now located at this branch[1] and the very last commit shows
> the integration done.
> Vast majority is just taken from previous integration with 10.1.0.Final
> (branch 10.1.0.Final-weld3).
> The part I am concerned about is weld/subsystem/src/main/java/
> org/jboss/as/weld/services/bootstrap/WeldSecurityServices.java [2]
> 'getPrincipal'[3] method was earlier adapted to Elytron, and I am thinking
> the other methods should perhaps be adjusted as well?
> But then again, I have no idea how to do that with Elytron... a penny for
> your thoughts?
>
> Regards
> Matej
>
> ____________________________________________________________
> ________________________________________________________________________
> [1]https://github.com/weld/wildfly/tree/11.0.0.Alpha1-weld3
> [2]https://github.com/weld/wildfly/blob/11.0.0.Alpha1-
> weld3/weld/subsystem/src/main/java/org/jboss/as/weld/services/bootstrap/
> WeldSecurityServices.java
> [3]https://github.com/weld/wildfly/blob/11.0.0.Alpha1-
> weld3/weld/subsystem/src/main/java/org/jboss/as/weld/services/bootstrap/
> WeldSecurityServices.java#L69
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20170501/a40cb1e3/attachment.html
More information about the wildfly-dev
mailing list