[
https://issues.apache.org/jira/browse/GEODE-2056?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15633617#comment-15633617
]
Jinmei Liao commented on GEODE-2056:
------------------------------------
Some of the methods in SecurityService do make sense to be exposed, like all
the authorize methods, login, getSubject, keep all the rest internal.
> Expose GeodeSecurityService as needed
> -------------------------------------
>
> Key: GEODE-2056
> URL: https://issues.apache.org/jira/browse/GEODE-2056
> Project: Geode
> Issue Type: Sub-task
> Reporter: Jinmei Liao
>
> 2. I also think it is pertinent that the SecurityService interface [27] be in
> Geode's public API. Given this is just an interface, I am not sure why it
> was decided to make it "internal" anyway? I see no good reason NOT to expose
> this interface, especially since it would be particularly useful for both
> API/Framework (e.g. SDG) as well as tools developers developing extensions to
> Apache Geode.
> I actually did make use of the SecurityService interface [28] in SDG, despite
> my (usually) hard rule of NOT ever using any GemFire/Geode internal classes
> at all in SDG. Unfortunately, and all too often, in certain cases, such as
> the currently released version of Apache Geode, 1.0.0-incubating GA, there is
> simply no other way around it when providing support for securing Apache
> Geode, especially for making Apache Shiro first-class (something I want to
> similarly do for Spring Security).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
