User Story #328 (new)
Opened 18 years ago
Last modified 14 years ago
Rework SecuritySystem — at Initial Version
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | critical | Milestone: | 3.0-M3 |
Component: | Security | Keywords: | iteration5 |
Cc: | Story Points: | n.a. | |
Sprint: | n.a. | Importance: | n.a. |
Total Remaining Time: | n.a. | Estimated Remaining Time: | n.a. |
Description
The SecuritySystem can be substantially simplified and have a good deal of its logic hidden now that its API is stabilizing. It has accumulated too many responsibilities (like being the holder for thread context rather than event context). As well, #326 requires serializable, read-only event context state.
Work items:
- Add ome.security.basic package (possibly ome.services.security.basic)
- Move BasicSecuritySystem to *.basic
- Move ThreadLocalEventContext to *.basic or have *.basic.CurrentDetails implement EventContext
- Add all needed methods to EventContext
- Make SimpleEventContext serializable
- Add getEventContext to StatefulServiceInterface
- Add EventContext.copy()
- Add SecuritySystem.getEventContext()
- Add SecuritySystem.getSecurityRoles() (Serializable)
- Add IAdmin.getSecurityRoles()
- Refactor some of EventHandler to SessionHandler
- Add SecuritySystem.getInternal().getACLEventListener() and co. (remove allow* and throw* from API) or BasicSecuritySystem as FactoryBean
Note: See
TracTickets for help on using
tickets.
You may also have a look at Agilo extensions to the ticket.