Thanks Jesse, I'm not sure how much hooking in the Spring Security events mechanism would have locked us more or less. In the meantime, I'm doing the inventory of the SecurityListener events fired by the most popular authentication plugins in https://github.com/jenkinsci/opentelemetry-plugin/issues/410
On Friday, April 15, 2022 at 9:31:56 PM UTC+2 Jesse Glick wrote: > On Wed, Apr 13, 2022 at 5:21 AM 'Cyrille Le Clerc' via Jenkins Developers < > [email protected]> wrote: > >> did we consider making the Jenkins SecurityListener >> <https://javadoc.jenkins.io/jenkins/security/SecurityListener.html> an >> adapter of the Spring ApplicationEventPublisher >> <https://github.com/spring-projects/spring-framework/blob/v5.3.18/spring-context/src/main/java/org/springframework/context/ApplicationEventPublisher.java> >> > > I do not believe that was ever considered or proposed. The focus was on > moving from Acegi Security idioms to the nearest Spring Security equivalent > with the minimum effort required. Expanding the coupling between Jenkins > authentication and Spring Security specifics feels like the wrong > direction—the migration to Spring Security would have been much easier had > the vast surface area of the Acegi Security API not been directly exposed > to plugins. > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/ddddbf27-b741-4537-9142-ec438d7c7122n%40googlegroups.com.
