You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@archiva.apache.org by "Brett Porter (JIRA)" <ji...@codehaus.org> on 2009/03/11 13:12:13 UTC
[jira] Updated: (MRM-1131) user credentials needs centralisation
and simplification clean up
[ http://jira.codehaus.org/browse/MRM-1131?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brett Porter updated MRM-1131:
------------------------------
Attachment: MRM-1131.diff
> user credentials needs centralisation and simplification clean up
> -----------------------------------------------------------------
>
> Key: MRM-1131
> URL: http://jira.codehaus.org/browse/MRM-1131
> Project: Archiva
> Issue Type: Improvement
> Components: web application
> Affects Versions: 1.2-M1
> Reporter: Brett Porter
> Fix For: 1.3
>
> Attachments: MRM-1131.diff
>
>
> attached is a refactoring I was experimenting with, however became too extensive for 1.2. I noticed a couple of test failures so it may have been too aggressive.
> Note some problems in the current code though:
> * principal is propogated into domain code (search, browse), only for logging
> * user repositories is a poor abstraction (eg, it will fall away as we move to artifact level security or other types)
> too many combinations for obtaining the principal in xwork-user - it should be set by an interceptor consistently, and non-struts code should have a single way to query the request for the credentials
> * audit events should use an MDC for the logged in user and IP address
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira