Re: [es-dev] Redundant getCallerName and getCallerGroups in OpenIdContex

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [es-dev] Redundant getCallerName and getCallerGroups in OpenIdContext?

From: Ondrej Mihályi <ondrej.mihalyi@xxxxxxxxxxx>
Date: Fri, 1 Apr 2022 14:06:16 +0000
Accept-language: en-GB, sk-SK, en-US
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=payara.fish; dmarc=pass action=none header.from=payara.fish; dkim=pass header.d=payara.fish; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3yGY+RPQBq20MHQLUt9Noj1DG0y9yLn/imDPns7WmjU=; b=P+Wd7Pt/uuyRoErO3vMgeIdZroADtUY4x4/TZMOgB3tTBJK4iZTZQwcasjOaDDtgrF8vreK5NG4f6tWNeerxhTtnZB+CEv5pn5icmSpbZTQdmtK0iO2W1IhErNKp05iGIv/zAtNjA9xTgR4E/c+4oCOaZZqUHQHzvZaDqVyYVrdX39674Q5zEbR8QcSYWxYcz+Jwi6gGnIRa3mC6XJ5TIMFo+lHkG2v9hWBEeGYhyKd9E+/OxhWtqUa8zWnmGWGYz2mBKu9PrfSg2pMP6wdPOCJgSTg9rdAetIVlAGAdMZb9vekZwzlNUhFQngUuoYM1pcQwpzLzG/JvhEYzIL5+BQ==
Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ld522FJssyQHjWUBscrrUR1FDLLSOw83+H+tqg3fVtnFMyngsCTiXp/hkFLc7nZLyG9PQ6muLDP0Yjy9L9NxKl2Y6JGU9tuHA3ibyJzkqM0G8MH79/aQGQAAI8C4FkwW5RHfpw4I9aGOrwyJ8fUw4q/iPkvXzbdsKKa7Oli0hkcecD7Mg6Ahv2gPmMh3IjUYtHUrxiMZM9oUCA/1MhimX7CewTrzXlgM6HPweSDyiEnNodZrWs78FojEVbx8/Lkf3SkvO9ATjLSRPLvPbCKMeayx48hl1KsaND6kBXWQHChTMAqkcsMGhnfbwsSGHGHp2XAFdeYmmFyeCUnFkzXW7A==
Delivered-to: es-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/es-dev/>
List-help: <mailto:es-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/es-dev>, <mailto:es-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/es-dev>, <mailto:es-dev-request@eclipse.org?subject=unsubscribe>
Suggested_attachment_session_id: 3fdc1693-002e-594e-53d5-a907a8e5c376
Thread-index: AQHYRdBrvxSJ/brXuUOFvocF6A7+SA==
Thread-topic: [es-dev] Redundant getCallerName and getCallerGroups in OpenIdContext?

It seems to me that OpenIDContext provides some data specific to OpenID while SecurityContext provides general security info.

What if we made OpenIDContext extend SecurityContext?

With that, it would be enough to inject OpenIDContext and get all features of SecurityContext and the redundant method getCallerName() could be removed in favor of the inherited SecurityContext.getCallerPrincipal().

Should I submit a PR to do that?

In the future, we can also easily move the method getCallerGroups from OpenIDContext to SecurityContext without a breaking change, or leave it in OpenIDContext and introduce a lazy way to retrieve roles to prevent loading a lot of roles, e.g. using a Stream instead of Set.

Kind regards,

Ondrej Mihályi

Senior Payara Service Engineer
Payara - Supported Enterprise Software for Jakarta EE and MicroProfile Applications
US: +1 415 523 0175 | UK: +44 207 754 0481

----------------------------------------------------------------------------------------------------------------------

Payara is a proud recipient of the prestigious Queen's Award for Enterprise: International Trade 2021

Payara-Tech LDA, Registered Office: Rua Nova de São Pedro no. 54, 2nd floor, room “D”, 9000 048 Funchal, Ilha da Madeira, Portugal

VAT: PT 515158674 | www.payara.fish | info@xxxxxxxxxxx | @Payara_Fish

Prev by Date: Re: [es-dev] Jakarta Security TCK
Next by Date: [es-dev] Adding test for Authorization 2.1 TCK
Previous by thread: Re: [es-dev] Redundant getCallerName and getCallerGroups in OpenIdContext?
Next by thread: [es-dev] Jakarta Security TCK
Index(es):
- Date
- Thread

Breadcrumbs