Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-13889 Ongoing review of modules depending on PicketBox
  3. WFLY-13679

Make legacy security optional for "org.wildfly.iiop-openjdk"

    XMLWordPrintable

Details

    Description

      The dependency needs to optional so provisioning a layer with iiop-openjdk does not automatically pull in legacy security.

      This is not just about making the module dependency optional, this is about understanding why it is not optional and identifying the steps required to make it optional.

      This needs to consider:

      • Default Configuration
      • User Defined Configuration

      Both of these can have different consequences depending on of they are used for:

      • Resource defined services
      • DeploymentUnitProcessor processing

      iiop-openjdk module.xml: https://github.com/wildfly/wildfly/blob/master/ee-feature-pack/common/src/main/resources/modules/system/layers/base/org/wildfly/iiop-openjdk/main/module.xml

       

      $ find -name *.java | xargs grep org.jboss.security
      ./src/test/java/org/wildfly/iiop/openjdk/IIOPSubsystemTransformersTestCase.java:import org.jboss.security.SecurityDomain;
      ./src/main/java/org/wildfly/iiop/openjdk/csiv2/SASClientIdentityInterceptor.java:import org.jboss.security.RunAs;
      ./src/main/java/org/wildfly/iiop/openjdk/csiv2/SecurityActions.java:import org.jboss.security.RunAs;
      ./src/main/java/org/wildfly/iiop/openjdk/csiv2/SecurityActions.java:import org.jboss.security.SecurityContextAssociation;
      ./src/main/java/org/wildfly/iiop/openjdk/security/LegacySSLSocketFactory.java:import org.jboss.security.JSSESecurityDomain;
      ./src/main/java/org/wildfly/iiop/openjdk/security/LegacySSLSocketFactory.java:import org.jboss.security.SecurityConstants;
      ./src/main/java/org/wildfly/iiop/openjdk/security/Util.java:import org.jboss.security.JSSESecurityDomain;
      ./src/main/java/org/wildfly/iiop/openjdk/security/TrustedIdentityTokenLoginModule.java:import org.jboss.security.auth.callback.SecurityAssociationCallback;
      ./src/main/java/org/wildfly/iiop/openjdk/security/TrustedIdentityTokenLoginModule.java:import org.jboss.security.auth.spi.AbstractServerLoginModule; 

      Attachments

        Issue Links

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: