[
https://issues.apache.org/jira/browse/OAK-1476?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13925223#comment-13925223
]
Chetan Mehrotra commented on OAK-1476:
--------------------------------------
bq. I don't think that is correct using OPTIONAL references in the security
provider.
As explained in 'Customizing Config' section above the user can pre configure
whether given config is optional or mandatory. The proposed approach ensures
that SecurityProvider starts with a proper state and repository would never see
wrong config
Other option is that we make all references static and user must provide config
files for all the security configurations. That I believe can be avoided with
the approach suggested above
bq. Ultimately, I think we should get rid of the SecurityProvider, as it
currently only acts merely as service registry for the security bits.
Thats right. But before proposing patch for that (as thats bit bigger change) I
would like to ensure that current setup works properly
> Hardcoded SecurityProvider implementation in oak-jcr Activator
> --------------------------------------------------------------
>
> Key: OAK-1476
> URL: https://issues.apache.org/jira/browse/OAK-1476
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: jcr
> Reporter: angela
> Assignee: Chetan Mehrotra
> Fix For: 0.20
>
> Attachments: OAK-1476.patch
>
>
> the Activator in o.a.j.oak.jcr.jcr.osgi contains a hardcoded reference to the
> SecurityProviderImpl. This is obviously not the desired outcome of making the
> security part pluggable at runtime.
> [~jukkaz], since you are the author of the Activator, could you take a look
> at this again?
--
This message was sent by Atlassian JIRA
(v6.2#6252)
