Hi Sling devs,

Maybe you saw this already in the dev email feed from my Jira comment. But here’s the comment I posted to the SAML Jira ticket [1]:

One of the open items identified in the ticket description regards SAML2ConfigService and the implementation SAML2ConfigServiceImpl. This service provides SAML configurations to AuthenticationHandlerSAML2 and Saml2UserMgtServiceImpl. Because SAML2ConfigService has keystore information, I find it uncomfortable making it generally available as an OSGi whiteboard service. I would like some feedback about the appropriate way to provide sensitive configurations only to the required services.

OSGi In Action [2] has a chapter about "Securing your Applications." Unfortunately my copy is unavailable and this link is the best I can do. It mentions PackagePermission, BundlePermission, ServicePermission and AdminPermission. Looks like bnd has some support for ServicePermission [3].

In my opinion, the config service (org.apache.sling.auth.saml2.SAML2ConfigService) should be restricted to two specific services: org.apache.sling.auth.saml2.AuthenticationHandlerSAML2 and org.apache.sling.auth.saml2.impl.Saml2UserMgtServiceImpl. Or maybe there’s another design I could use to provide the configs to two services (and no others).

Cris

[1] https://issues.apache.org/jira/browse/SLING-9397?focusedCommentId=17279771&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17279771
[2] https://livebook.manning.com/book/osgi-in-action/chapter-14/62
[3] https://github.com/bndtools/bnd/pull/809
