Bug 1018271

Summary: Documentation: Dev Guide -Add a warning that the ejb-security-interceptor quickstart use private API
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: sgilda
Component: DocumentationAssignee: sgilda
Status: CLOSED CURRENTRELEASE QA Contact: Russell Dickenson <rdickens>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2.0CC: jmartisk
Target Milestone: ER6   
Target Release: EAP 6.2.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1018269 Environment:
Last Closed: 2013-12-15 16:48:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1018269    
Bug Blocks:    

Description sgilda 2013-10-11 15:22:08 UTC
+++ This bug was initially created as a clone of Bug #1018269 +++

Description of problem:

The ejb-security-interceptors quickstart was introduced in EAP 6.1.1. It uses private classes. 

A new public API was introduced in 6.2 that broke this quickstart.

Per Brian Stansberry's suggestion:
* They will restore the 2 classes and commit to maintain them for 6.x
* They will not mark the modules public because they aren't and this doesn't justify changing that
* They willwe come up with a plan for a proper API in WF and 6.3 and we deprecate these once we do.

We need to add a warning to the quickstart that it uses a private API that will be deprecated and replaced in EAP 6.3.

Some suggestions from Pete:

"The two classes XXX are part of the <JBoss EAP> private API. They will be maintained for the duration of EAP 6.x. We plan to introduce a public API in EAP 6.3, and encourage you to update to the public API when available. Check the EAP 6.3 release notes for info on the public API"

they can *use* it

you should add to the statement i wrote "Note that the current API (two class names) will be deprecated in EAP 6.3, but continue to be available during the EAP 6.x series


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

--- Additional comment from  on 2013-10-11 11:20:24 EDT ---

Created against the wrong product.

Comment 1 sgilda 2013-10-11 19:27:17 UTC
Added this note

The above code example uses two classes, org.jboss.as.controller.security.SubjectUserInfo and org.jboss.as.domain.management.security.RealmUser, that are part of the JBoss EAP private API. A public API will become available in the EAP 6.3 release and the private classes will be deprecated, but these classes will be maintained and available for the duration of the EAP 6.x release cycle.

to 

topic 13166: Change the Security Context Identity
topic 14139: Pass Additional Security For EJB Authentication

Comment 3 Jan Martiska 2013-10-22 10:35:56 UTC
Verified.