[icedtea-web] RFC: integrate jnlp authenticator into rest of security system
Omair Majid
omajid at redhat.com
Fri Feb 25 08:12:12 PST 2011
On 12/20/2010 02:24 PM, Omair Majid wrote:
> On 12/20/2010 02:12 PM, Dr Andrew John Hughes wrote:
>> On 13:38 Mon 20 Dec , Omair Majid wrote:
>>> On 12/20/2010 01:26 PM, Dr Andrew John Hughes wrote:
>>>> On 13:15 Mon 20 Dec , Omair Majid wrote:
>>>>> Hi,
>>>>>
>>>>> The attached patches further integrates JNLPAuthenticator and
>>>>> PasswordAuthenticationDialog into icedtea-web. The patches shows the
>>>>> dialogs using the secure thread, localizes strings, and removes
>>>>> hardcoded mention of the icedteaplugin.
>>>>>
>>>>> I have split the change into two patches: one deals with renaming
>>>>> files,
>>>>> the other deals with the actual code changes.
>>>>>
>>>>> The first patch renames classes to ensure consistency. It contains no
>>>>> functional changes (other than those required for renaming). The class
>>>>> net.sourceforge.jnlp.security.SecurityWarning is renamed to
>>>>> net.sourceforge.jnlp.security.SecurityDialogs,
>>>>> net.sourceforge.jnlp.security.SecurityWarningDialog is renamed to
>>>>> net.sourceforge.jnlp.security.SecurityDialog and
>>>>> net.sourceforge.jnlp.security.PasswordAuthenticationDialog is
>>>>> renamed to
>>>>> net.sourceforge.jnlp.PasswordAuthenticationPanel.
>>>>>
>>>>
>>>> What is the reason for the renaming? Could we not delay this until
>>>> the 2.0 series?
>>>>
>>>
>>> Well, the SecurityWarning class should show security _warnings_. The
>>> second patch modifies (the original) SecurityWarning and
>>> SecurityWarningDialog classes to display authentication dialogs dialogs
>>> (along with warning dialogs). An authentication dialog is not a warning,
>>> and hence the rename.
>>>
>>> In general, the idea is that anything sensitive that requires a GUI
>>> dialog should be run through SecurityWarning/SecurityDialog.
>>>
>>> If you think that we we should hold off the rename, I am fine with that.
>>> The names of classes might be misleading/awkward for a while then.
>>>
>>
>> Are we planning other API changes in 1.1? I'm just trying to work out the
>> extent to which we see 1.1 as stable, I guess. If we are making other API
>> changes, then I guess the rename is ok.
>
> That depends on how you define API changes. We definitely will be adding
> classes in the 1.1 time frame, but I am not sure if we have any more
> renames/removals planned.
>
Any thoughts? If you are not ok with renaming the class, then I would
like to skip that bit and apply the second part of the patch (which
integrates the authentication dialog into the rest of the security system).
Thanks,
Omair
More information about the distro-pkg-dev
mailing list