You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Francesco Mari (JIRA)" <ji...@apache.org> on 2015/09/04 18:32:45 UTC

[jira] [Commented] (OAK-3201) Use static references in SecurityProviderImpl for composite services

    [ https://issues.apache.org/jira/browse/OAK-3201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14731031#comment-14731031 ] 

Francesco Mari commented on OAK-3201:
-------------------------------------

[~anchela], I agree with you with the idea that services like {{AuthorizableNodeName}} should not be linked directly to {{SecurityProviderImpl}}. They should be attached directly to the components using them, instead.

Since running a {{SecurityProvider}} without OSGi looks like an important use case, I suggest doing a relatively simple (albeit lengthy) refactoring of {{SecurityProviderImpl}}. The purpose of the refactoring would be to create an implementation of {{SecurityProvider}} completely independent of OSGi. When this implementation is in place, I can create a set of OSGi components on top of it capable of automatically taking care of dependency injection. When the {{SecurityProvider}} is used without OSGi, the dependencies should be instantiated and linked manually.

This way, the {{SecurityProvider}} implementation will be cleaner, since the code doesn't have {{@Component}} and {{@Reference}} annotations all over the place.

What do you think?

> Use static references in SecurityProviderImpl for composite services
> --------------------------------------------------------------------
>
>                 Key: OAK-3201
>                 URL: https://issues.apache.org/jira/browse/OAK-3201
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: core
>            Reporter: Francesco Mari
>            Assignee: Francesco Mari
>         Attachments: OAK-3201-01.patch
>
>
> {{SecurityProviderImpl}} has dynamic references to many other services, like {{RestrictionProvider}}, that represent the configuration of this component.
> Being these services dynamic, the OSGi runtime has no clear dependency relationship between the {{SecurityProviderImpl}} and the required services. Thus, it may happen that an instance of {{SecurityProviderImpl}} is published before the services it requires are started, creating a window where the {{SecurityProviderimpl}} is operating differently from the way it's configured.
> I suggest to turn the dynamic references in {{SecurityProviderImpl}} to static ones to improve the consistency of the implementation.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)