You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Werner Dittmann <We...@t-online.de> on 2005/08/30 22:23:57 UTC
WSSecurity engine - some problems need to be solved
All,
once upon a time the WSSecurityEngine was a real singleton class.
Some time ago non-static variables sneaked into the code, wsconfig
was introduced, etc. Looking at the code one could easily see that
the "singleton" property of this class is gone. The problem here is:
currently the handlers use it as a singleton!
Two ways to solve the problem:
1st: give up the singleton property and adapt the handlers to use it as
an ordinary class. This would involve modifications at the handlers
and any other class or implementation that uses WSSecurityEngine.
This also affects implementations that are not under our control.
2nd: Try to make it a singleton class again. That would influence other
implementations that use the non-static variables that were
introduced some time ago (see above). Then we have to deal with
that. AFAIK these are part of WSS4J and could probably be modified
(this needs to be evaluated).
Any ideas?
Regards,
Werner
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: WSSecurity engine - some problems need to be solved
Posted by Davanum Srinivas <da...@gmail.com>.
Either way is ok with me, let's make sure we document the assumption
this time. We need to make sure we don't repeat the problem ("leak")
again :)
-- dims
On 8/30/05, Werner Dittmann <We...@t-online.de> wrote:
> All,
>
> once upon a time the WSSecurityEngine was a real singleton class.
>
> Some time ago non-static variables sneaked into the code, wsconfig
> was introduced, etc. Looking at the code one could easily see that
> the "singleton" property of this class is gone. The problem here is:
> currently the handlers use it as a singleton!
>
> Two ways to solve the problem:
> 1st: give up the singleton property and adapt the handlers to use it as
> an ordinary class. This would involve modifications at the handlers
> and any other class or implementation that uses WSSecurityEngine.
>
> This also affects implementations that are not under our control.
>
> 2nd: Try to make it a singleton class again. That would influence other
> implementations that use the non-static variables that were
> introduced some time ago (see above). Then we have to deal with
> that. AFAIK these are part of WSS4J and could probably be modified
> (this needs to be evaluated).
>
> Any ideas?
>
> Regards,
> Werner
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: WSSecurity engine - some problems need to be solved
Posted by Davanum Srinivas <da...@gmail.com>.
Either way is ok with me, let's make sure we document the assumption
this time. We need to make sure we don't repeat the problem ("leak")
again :)
-- dims
On 8/30/05, Werner Dittmann <We...@t-online.de> wrote:
> All,
>
> once upon a time the WSSecurityEngine was a real singleton class.
>
> Some time ago non-static variables sneaked into the code, wsconfig
> was introduced, etc. Looking at the code one could easily see that
> the "singleton" property of this class is gone. The problem here is:
> currently the handlers use it as a singleton!
>
> Two ways to solve the problem:
> 1st: give up the singleton property and adapt the handlers to use it as
> an ordinary class. This would involve modifications at the handlers
> and any other class or implementation that uses WSSecurityEngine.
>
> This also affects implementations that are not under our control.
>
> 2nd: Try to make it a singleton class again. That would influence other
> implementations that use the non-static variables that were
> introduced some time ago (see above). Then we have to deal with
> that. AFAIK these are part of WSS4J and could probably be modified
> (this needs to be evaluated).
>
> Any ideas?
>
> Regards,
> Werner
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org