[
https://issues.apache.org/jira/browse/OAK-7498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alex Deparvu updated OAK-7498:
------------------------------
Labels: m12n modularization (was: m12n)
> Security code should not depend on implementation details in oak-core
> ---------------------------------------------------------------------
>
> Key: OAK-7498
> URL: https://issues.apache.org/jira/browse/OAK-7498
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: auth-external, auth-ldap, authorization-cug, core,
> security
> Reporter: angela
> Priority: Major
> Labels: m12n, modularization
>
> [~stillalex], I have been looking at the remaining dependencies of the oak
> security code base to implementation details in oak-core and found the
> following main categories (in order of frequency):
> - dependency to 'plugins' like nodetype/namespace/version/identifier
> management, read-only (OAK-7499)
> - dependency to indexing implementation details (mainly in repository
> initializers): {{IndexConstants}} (OAK-7502), {{IndexUtils}} (OAK-7501),
> hardcoded {{*IndexProvider}} (OAK-7500)
> - hardcoded {{RootProviderService}} and {{TreeProviderService}} in
> {{SecurityProviderBuilder}} and the deprecated {{SecurityProviderImpl}}
> - one usage of {{ReadWriteVersionManager.getOrCreateVersionHistory}} in
> {{VersionablePathHook}}
> - one usage of {{RootFactory.createSystemRoot}} in {{UserInitializer}} linked
> to the setup of indices.
> IMO it would be desirable to get rid of these dependencies implementation
> details (at least in the security code base in an initial stage).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
