1018271 – Documentation: Dev Guide -Add a warning that the ejb-security-interceptor quickstart use private API

Bug 1018271 - Documentation: Dev Guide -Add a warning that the ejb-security-interceptor quickstart use private API

Summary: Documentation: Dev Guide -Add a warning that the ejb-security-interceptor qui...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Documentation
Sub Component:
Version:	6.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	ER6
Target Release:	EAP 6.2.0
Assignee:	sgilda
QA Contact:	Russell Dickenson
Docs Contact:
URL:
Whiteboard:
Depends On:	1018269
Blocks:
TreeView+	depends on / blocked

Reported:	2013-10-11 15:22 UTC by sgilda
Modified:	2014-08-14 15:17 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:	1018269
Environment:
Last Closed:	2013-12-15 16:48:37 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description sgilda 2013-10-11 15:22:08 UTC

+++ This bug was initially created as a clone of Bug #1018269 +++

Description of problem:

The ejb-security-interceptors quickstart was introduced in EAP 6.1.1. It uses private classes. 

A new public API was introduced in 6.2 that broke this quickstart.

Per Brian Stansberry's suggestion:
* They will restore the 2 classes and commit to maintain them for 6.x
* They will not mark the modules public because they aren't and this doesn't justify changing that
* They willwe come up with a plan for a proper API in WF and 6.3 and we deprecate these once we do.

We need to add a warning to the quickstart that it uses a private API that will be deprecated and replaced in EAP 6.3.

Some suggestions from Pete:

"The two classes XXX are part of the <JBoss EAP> private API. They will be maintained for the duration of EAP 6.x. We plan to introduce a public API in EAP 6.3, and encourage you to update to the public API when available. Check the EAP 6.3 release notes for info on the public API"

they can *use* it

you should add to the statement i wrote "Note that the current API (two class names) will be deprecated in EAP 6.3, but continue to be available during the EAP 6.x series


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

--- Additional comment from  on 2013-10-11 11:20:24 EDT ---

Created against the wrong product.

Comment 1 sgilda 2013-10-11 19:27:17 UTC

Added this note

The above code example uses two classes, org.jboss.as.controller.security.SubjectUserInfo and org.jboss.as.domain.management.security.RealmUser, that are part of the JBoss EAP private API. A public API will become available in the EAP 6.3 release and the private classes will be deprecated, but these classes will be maintained and available for the duration of the EAP 6.x release cycle.

to 

topic 13166: Change the Security Context Identity
topic 14139: Pass Additional Security For EJB Authentication

Comment 2 sgilda 2013-10-15 11:56:22 UTC

The fix is staged here: http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/6.2/html-single/Development_Guide/index.html#Change_the_Security_Context_Identity

Comment 3 Jan Martiska 2013-10-22 10:35:56 UTC

Verified.

Note You need to log in before you can comment on or make changes to this bug.