You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2018/05/16 12:04:00 UTC

[jira] [Created] (OAK-7498) Security code should not depend on implementation details in oak-core

angela created OAK-7498:
---------------------------

             Summary: Security code should not depend on implementation details in oak-core
                 Key: OAK-7498
                 URL: https://issues.apache.org/jira/browse/OAK-7498
             Project: Jackrabbit Oak
          Issue Type: Improvement
          Components: auth-external, auth-ldap, authorization-cug, core, security
            Reporter: angela


[~stillalex], I have been looking at the remaining dependencies of the oak security code base to implementation details in oak-core and found the following main categories (in order of frequency):

- dependency to 'plugins' like nodetype/namespace/version/identifier management, read-only
- dependency to indexing implementation details (mainly in repository initializers): {{IndexConstants, {{IndexUtils}}, hardcoded {{*IndexProvider}}
- hardcoded {{RootProviderService}} and {{TreeProviderService}} in {{SecurityProviderBuilder}} and the deprecated {{SecurityProviderImpl}}
- one usage of {{ReadWriteVersionManager.getOrCreateVersionHistory}} in {{VersionablePathHook}}
- one usage of {{RootFactory.createSystemRoot}} in {{UserInitializer}} linked to the setup of indices.

IMO it would be desirable to get rid of these dependencies implementation details (at least in the security code base in an initial stage).




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)