[icedtea-web] RFC: integrate jnlp authenticator into rest of security system
Omair Majid
omajid at redhat.com
Mon Dec 20 11:24:06 PST 2010
On 12/20/2010 02:12 PM, Dr Andrew John Hughes wrote:
> On 13:38 Mon 20 Dec , Omair Majid wrote:
>> On 12/20/2010 01:26 PM, Dr Andrew John Hughes wrote:
>>> On 13:15 Mon 20 Dec , Omair Majid wrote:
>>>> Hi,
>>>>
>>>> The attached patches further integrates JNLPAuthenticator and
>>>> PasswordAuthenticationDialog into icedtea-web. The patches shows the
>>>> dialogs using the secure thread, localizes strings, and removes
>>>> hardcoded mention of the icedteaplugin.
>>>>
>>>> I have split the change into two patches: one deals with renaming files,
>>>> the other deals with the actual code changes.
>>>>
>>>> The first patch renames classes to ensure consistency. It contains no
>>>> functional changes (other than those required for renaming). The class
>>>> net.sourceforge.jnlp.security.SecurityWarning is renamed to
>>>> net.sourceforge.jnlp.security.SecurityDialogs,
>>>> net.sourceforge.jnlp.security.SecurityWarningDialog is renamed to
>>>> net.sourceforge.jnlp.security.SecurityDialog and
>>>> net.sourceforge.jnlp.security.PasswordAuthenticationDialog is renamed to
>>>> net.sourceforge.jnlp.PasswordAuthenticationPanel.
>>>>
>>>
>>> What is the reason for the renaming? Could we not delay this until the 2.0 series?
>>>
>>
>> Well, the SecurityWarning class should show security _warnings_. The
>> second patch modifies (the original) SecurityWarning and
>> SecurityWarningDialog classes to display authentication dialogs dialogs
>> (along with warning dialogs). An authentication dialog is not a warning,
>> and hence the rename.
>>
>> In general, the idea is that anything sensitive that requires a GUI
>> dialog should be run through SecurityWarning/SecurityDialog.
>>
>> If you think that we we should hold off the rename, I am fine with that.
>> The names of classes might be misleading/awkward for a while then.
>>
>
> Are we planning other API changes in 1.1? I'm just trying to work out the
> extent to which we see 1.1 as stable, I guess. If we are making other API
> changes, then I guess the rename is ok.
That depends on how you define API changes. We definitely will be adding
classes in the 1.1 time frame, but I am not sure if we have any more
renames/removals planned.
Thanks,
Omair
More information about the distro-pkg-dev
mailing list