Hi Cris, On Fri, 2021-02-05 at 12:44 -0500, Cris Rockwell wrote: > Hi Sling devs, > > Maybe you saw this already in the dev email feed from my Jira > comment. But here’s the comment I posted to the SAML Jira ticket [1] > > > One of the open items identified in the ticket description regards > SAML2ConfigService and the implementation SAML2ConfigServiceImpl. > This service provides SAML configurations to > AuthenticationHandlerSAML2 and Saml2UserMgtServiceImpl. > Because SAML2ConfigService has keystore information, I find it > uncomfortable making it generally available as an OSGI whiteboard > service. I would like some feedback about the appropriate way to > provide sensitive configurations only to the required services.
Who are you trying to protect the sensitive data from? As far as I can tell Sling is mostly being run in a single-tenant manner and there is no effort to make it multi-tenant. If you're trying to make it safe from malicious code deployed in the same JVM, I'd say that all bets are off already. Thanks, Robert
