Netflix / genie / 1907
94%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 316
Run time 42s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
1907

push

travis-ci

tgianos 
Break 3.x security implementations into their own module

Security implementations for various technologies were added as part of Genie 3.0 development. Since that time spring security, spring boot, security technoloties and internal support for all of the above have changed drastically. The old implementations took various shortcuts and had a lot of code to get around shortcomings that existed at the time in various places. In particular SAML support is messy and fragile at best. The implementations were developed to be able to be turned on and off independently which led to so interdependencies on orders and became difficult for anyone to understand other than the original developer (me and even I forgot most of it).

Boot 2 took a more aggressive approach of enabling security by default if `spring-boot-starter-security` was on the classpath. Having to turn this off by default added even more weirdness to the security solution particularly when trying to integrate with new internal implementations.

This commit moves all the old 3.x security implementations to a new `genie-security` module that can be added or not to the classpath. If added (as it is in `genie-app` and `genie-web`) things continue to behave as before. If it's not no security is present at all and it provides a blank slate to apply any security desired on top of the `genie-web` business code which is currently completely independent of security anyway (by this I mean it doesn't rely on any security classes, it doesn't enforce a user to access methods or more). This will simplify integration with internal boot starters for security and get us on paved path quicker. Additionally it will provide us a blank slate in Genie 4 to rethink security and attempt to leverage newer implementations of spring security technologies (in particular OAuth2) as well as hopefully provide a more flexbile/pluggable solution.

9717 of 10732 relevant lines covered (90.54%)

0.91 hits per line

Jobs
ID Job ID Ran Files Coverage
1 1907.1 0
90.54
 Travis Job 1907.1
Source Files on build 1907
Detailed source file information is not available for this build.