[WFLY-16195] Upgrade security quickstarts #468
Conversation
fjuma
force-pushed
the
WFLY-16195
branch
2 times, most recently
from
19a10d5 to
7cf9492
Compare
| or a confirmation that there are no security implications to consider. | ||
| //// | ||
|
|
||
| == Test Plan |
There was a problem hiding this comment.
What is the expected scope of testing on the engineering side? Just manual verification? Do the QSs have some (unit) tests (within the project) that can be leveraged? Do you plan to add some tests?
There was a problem hiding this comment.
On the engineering side, just manual verification will be done by following the steps in the quickstart READMEs. I've updated the analysis to reflect this.
|
|
||
| === Nice-to-Have Requirements | ||
|
|
||
| === Non-Requirements |
There was a problem hiding this comment.
Are there required any updates because of the transition to Jakarta namespace? If it's the case, are those in scope of this RFE?
There was a problem hiding this comment.
I think I need to check with @emmartins about this to see if updates to Jakarta namespace should be included as part of this RFE or if all the quickstarts will be updated at the same time as part of a separate RFE.
There was a problem hiding this comment.
@OndrejKotek Confirmed with @emmartins today that updates to Jakarta namespace will be handled as part of a separate RFE.
|
|
||
| === Hard Requirements | ||
|
|
||
| The following quickstarts require updates to their CLI scripts: |
There was a problem hiding this comment.
The update is for product or upstream or both sets of quickstarts?
There was a problem hiding this comment.
Both sets will need updates.
| ** All of the commands in `configure-ssl.cli` are redundant. One-way SSL is already configured in the out of the box | ||
| configuration so these commands aren't necessary. This quickstart will be removed via https://issues.redhat.com/browse/WFLY-16140[WFLY-16140]. | ||
|
|
||
| * http-custom-mechanism |
There was a problem hiding this comment.
This quickstart application is missing in product quickstart repository and should be created new RFE to add it there.
There was a problem hiding this comment.
A new RFE has already been created. See #487.
| * ejb-security | ||
| ** The entire configure-elytron.cli script is now redundant. This quickstart will be removed via https://issues.redhat.com/browse/WFLY-16140[WFLY-16140]. | ||
|
|
||
| * jaxrs-jwt |
There was a problem hiding this comment.
For this quickstart should be created new RFE as for http-custom-mechanism
There was a problem hiding this comment.
A new RFE has already been created. See #488.
| ** The "Server Log: Expected Warnings and Errors" section indicates that a warning will appear in the server log. | ||
| This warning no longer appears so this can now be removed. | ||
|
|
||
| * microprofile-jwt |
There was a problem hiding this comment.
This also missing in product quickstart repository.
| ** In the "Activating MicroProfile JWT" section, it says to add the `LoginConfig` annotation. However, this is already | ||
| added when creating `App.java` in the "JAX-RS Conversion" section so this step should be removed. | ||
|
|
||
| * security-domain-to-domin |
There was a problem hiding this comment.
This also missing in product quickstart repository.
|
|
||
| === Other Interested Projects | ||
|
|
||
| === Relevant Installation Types |
There was a problem hiding this comment.
only microprofile-jwt is testes On OpenShift and as bootable jar. Other only as standalone server right?
And managed domain isn't required at all?
https://issues.redhat.com/browse/WFLY-16195