You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@archiva.apache.org by "Brett Porter (JIRA)" <ji...@codehaus.org> on 2010/02/23 10:53:55 UTC
[jira] Updated: (MRM-1131) user credentials needs centralisation
and simplification clean up
[ http://jira.codehaus.org/browse/MRM-1131?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brett Porter updated MRM-1131:
------------------------------
Fix Version/s: (was: 1.4)
Backlog
still relevant, even though many instances in the database have been removed. For review in a wider refactoring.
> user credentials needs centralisation and simplification clean up
> -----------------------------------------------------------------
>
> Key: MRM-1131
> URL: http://jira.codehaus.org/browse/MRM-1131
> Project: Archiva
> Issue Type: Improvement
> Components: web application
> Affects Versions: 1.2-M1
> Reporter: Brett Porter
> Fix For: Backlog
>
> Attachments: MRM-1131.diff
>
>
> attached is a refactoring I was experimenting with, however became too extensive for 1.2. I noticed a couple of test failures so it may have been too aggressive.
> Note some problems in the current code though:
> * principal is propogated into domain code (search, browse), only for logging
> * user repositories is a poor abstraction (eg, it will fall away as we move to artifact level security or other types)
> too many combinations for obtaining the principal in xwork-user - it should be set by an interceptor consistently, and non-struts code should have a single way to query the request for the credentials
> * audit events should use an MDC for the logged in user and IP address
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira