Uploaded image for project: 'Thorntail'
  1. Thorntail
  2. THORN-1222

should the "security" fraction be autodetected for javax.annotation.security annotations?

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 2017.5.0
    • Component/s: None
    • Labels:
      None
    • Sprint:
      2017-Apr-A

      Description

      The security fraction brings in the security subsystem, which allows defining custom security domains. I'm playing with the servlet-security EAP quickstart which is doing exactly that – it contains a CLI script that creates a security domain, but for that, the security fraction is required.

      I can of course include it manually, but I wonder if there are cases when the security fraction should be autodetected, such as presence of the javax.annotation.security annotations, or possibly presence of security-related elements in web.xml and/or jboss-web.xml. Thoughts?

      (Actually a lot of fractions bring in security transitively, but not all of them. For example jaxrs, datasources or jpa do bring it in, but undertow doesn't. So I think this would still be valuable.)

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                bob.mcwhirter Bob McWhirter
                Reporter:
                lthon Ladislav Thon
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: