jsr-283
  1. jsr-283
  2. JSR_283-407

Add Session.getSubject (or Session.getPrincipal?)

    Details

    • Type: Task Task
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Won't Fix
    • Affects Version/s: current
    • Fix Version/s: milestone 1
    • Component/s: javadoc/api
    • Labels:
      None
    • Environment:

      Operating System: All
      Platform: All

    • Issuezilla Id:
      407

      Description

      At the F2F we decided to add the following method to javax.jcr.Session:

      public javax.security.auth.Subject getSubject()

      I now wonder if we should instead add:

      public javax.security.Principal getPrincipal()

      There are 3 reasons why I think it's preferable to return the Principal instead
      of the Subject:

      • getPrincipal returns the specific identity used to authenticate. This is
        important if a person (a Subject) can authenticate to a content repository with
        more than one identity (Principal), for example "david" and "administrator".
      • The new JCR addAccessControlEntry method is passed a Principal not a Subject.
      • Returning a Principal instead of a Subject avoids introducing into JCR a
        dependency on JAAS.

        Issue Links

          Activity

          Hide
          jukka_zitting added a comment -

          I'm not convinced about the use case for Session.getSubject() (or getPrincipal).
          Could someone remind me why we need it?

          The related discussion at the F2F was about principal discovery, but it seems to
          me that being able to discover the currently logged in principal(s) is at best a
          very limited feature. It would be much more interesting to know the other
          principals that might be used to access the repository.

          Show
          jukka_zitting added a comment - I'm not convinced about the use case for Session.getSubject() (or getPrincipal). Could someone remind me why we need it? The related discussion at the F2F was about principal discovery, but it seems to me that being able to discover the currently logged in principal(s) is at best a very limited feature. It would be much more interesting to know the other principals that might be used to access the repository.
          Hide
          anchela added a comment -

          i think we are now mixing 2 separate issues:

          1) spec doesn't define how to access the principals
          of a Session.
          2) general discovery of other principals such as needed for
          ACManager.addAccessControlEntry

          the first issues was raised during the public review specially
          due to the fact that the original proposal wanted to introduce
          a requirement, that Session.getUserID is the same as the
          principal name. i think we agreed that this is not correct.
          the initially proposed and accepted solution was Session.getSubject(),
          which is now questioned by d.pitfield.
          and that's the aim of this bugzilla issue.

          the second issue is the overall principal discovery, which

          • if i'm not mistaken - would in 283 terms only be needed
            for the addAccessControlEntry method: here you want to
            define ACEs for different principals (and not only the
            principal(s) attached to the current Session object).

          we decided to remove the principal discovery from the
          specification once we went through the many flaws detected
          during public review. they lead to the question why we want
          to specify the principal discovery at all and repeating all
          the things defined in java.security.

          decision was: principal discovery is out of the scope of the specification.
          since the complete ac-section leaves almost everything to the
          implementation, i think this was a wise move.

          after all:
          but maybe the logical consequence of this would also
          be not to define how to access the Principal(s) of a
          Session object... the this issue (getSubject or getPrincipal)
          would just be obsolete.

          angela

          Show
          anchela added a comment - i think we are now mixing 2 separate issues: 1) spec doesn't define how to access the principals of a Session. 2) general discovery of other principals such as needed for ACManager.addAccessControlEntry the first issues was raised during the public review specially due to the fact that the original proposal wanted to introduce a requirement, that Session.getUserID is the same as the principal name. i think we agreed that this is not correct. the initially proposed and accepted solution was Session.getSubject(), which is now questioned by d.pitfield. and that's the aim of this bugzilla issue. the second issue is the overall principal discovery, which if i'm not mistaken - would in 283 terms only be needed for the addAccessControlEntry method: here you want to define ACEs for different principals (and not only the principal(s) attached to the current Session object). we decided to remove the principal discovery from the specification once we went through the many flaws detected during public review. they lead to the question why we want to specify the principal discovery at all and repeating all the things defined in java.security. decision was: principal discovery is out of the scope of the specification. since the complete ac-section leaves almost everything to the implementation, i think this was a wise move. after all: but maybe the logical consequence of this would also be not to define how to access the Principal(s) of a Session object... the this issue (getSubject or getPrincipal) would just be obsolete. angela
          Hide
          anchela added a comment -

          if nobody objects i will resolve this issue as WONTFIX within the next
          couple of days for the reasons listed above.

          angela

          btw: for whatever reasons the Session.getSubject already made to the
          spec despite the fact that this issue has never been started. I would then
          change the spec as well (remove the last line in 8.6.2.10 Principal Discovery)

          Show
          anchela added a comment - if nobody objects i will resolve this issue as WONTFIX within the next couple of days for the reasons listed above. angela btw: for whatever reasons the Session.getSubject already made to the spec despite the fact that this issue has never been started. I would then change the spec as well (remove the last line in 8.6.2.10 Principal Discovery)
          Hide
          Peeter Piegaze added a comment -

          RC17: Session.getSubject removed from spec.

          Show
          Peeter Piegaze added a comment - RC17: Session.getSubject removed from spec.

            People

            • Assignee:
              jsr-283-issues
              Reporter:
              dpitfiel
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: