stanbol-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rupert Westenthaler <rupert.westentha...@gmail.com>
Subject Re: [POLL] make "-no-security" the default
Date Fri, 05 Apr 2013 11:51:22 GMT
Hi all,

My viewpoint is as follows:

* Disabling Security as default: Stanbol is still not functioning to
100% if the Security-Manager is enabled hence IMHO deactivating this
feature is the logical consequence.

* Enabling Security for IntegrationTests - because when you change
things, than it is good to validate if it runs if an SecurityManager
is present. Sometimes small changes do break security stuff (e.g. if a
library that loads stuff via context classloader is imported from a
different bundle the SecurityManager might say NO) ... meaning that
even configuration changes might break code ... so having those things
tested is important (unless we decide to not support SecurityManager
stuff at all - like it is done my Solr, Tika ... but this was part of
[1] and I accept the decision)

To ensure that Stanbol is 100% working with the Security-Manager
enabled is not only the question of fixing all those components. It
will also require to test all those components during the
integration-tests and as all those components depend on some external
services this is not an easy thing to achieve. Because (1) this would
also mean that failures of remote services would fail the
integration-tests and (2) it will no longer allow to complete the
integration-tests while offline.
On the other side having not all component tested with active
SecurityManager would make it very possible that some minor change
(such as a version upgrade of a dependency) could break an component
without noticed by the Developer nor the Jenkins build.

To Summarize: As long as there are no solutions for those things I
would really like to have security deactivated by default. This means
that users that are not bordered with it will not run into problems
they would not need to boarder with. Users that do need (use) the
security features will run into those problems. Those users will also
more likely understand those issues and report/patch them.

WDYT
Rupert

p.s.
On Fri, Apr 5, 2013 at 9:59 AM, Adrian Gschwend <ml-ktk@netlabs.org> wrote:
> WTF

I hope the this stand for "Want To Fix" otherwise I would recommend to
think twice before hitting the send button if the receiver includes a
public mailing list ...



--
| Rupert Westenthaler             rupert.westenthaler@gmail.com
| Bodenlehenstra├če 11                             ++43-699-11108907
| A-5500 Bischofshofen

Mime
View raw message