- Improvement
- Resolution: Fixed
- Major
The default ssoConfig is defined in the config yaml. This has 2 main issues:
- unencrypted secrets (even with your suggested env variables on build process solution, the war file contains the secret in plain text).
- Environment specific client configuration
The possibility to define a custom SsoConfig implementation would enable us to load the config from wherever we like (e.g. magnolia properties, jcr, ...)
Currently this can only be achieved by a hack:
    import info.magnolia.config.source.yaml.YamlReader;
    import info.magnolia.map2bean.Map2BeanTransformer;
    import info.magnolia.module.ModuleRegistry;
    import info.magnolia.resourceloader.ResourceOrigin;
    import info.magnolia.sso.config.SsoConfig;
    import info.magnolia.sso.config.SsoConfigYamlBridge;

    import javax.inject.Inject;

    // Replaces the YAML bridge so that get() returns the injected custom config.
    public class CustomSsoConfigBridge extends SsoConfigYamlBridge {

        private final CustomSsoConfig ssoConfig;

        @Inject
        public CustomSsoConfigBridge(
                final ModuleRegistry moduleRegistry,
                final ResourceOrigin resourceOrigin,
                final YamlReader yamlReader,
                final Map2BeanTransformer map2Bean,
                final CustomSsoConfig ssoConfig) {
            super(moduleRegistry, resourceOrigin, yamlReader, map2Bean);
            this.ssoConfig = ssoConfig;
        }

        // Bypass the YAML-backed config entirely.
        @Override
        public SsoConfig get() {
            return ssoConfig;
        }
    }

    import info.magnolia.sso.config.SsoConfig;

    public class CustomSsoConfig implements SsoConfig { ... }
Binding in module.xml
    <component>
      <type>info.magnolia.sso.config.SsoConfigYamlBridge</type>
      <implementation>...CustomSsoConfigBridge</implementation>
    </component>
Binding the SsoConfig directly would be the cleaner solution and less dependent on the further development of this module (breaking change in case the Bridge ever gets removed/changed).
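
A check for the first issue above, as an added example that is not part of the original ticket or the module: it scans the YAML files inside a built WAR for secret-like keys whose value is a literal. The entry path, the key names, the `${...}` placeholder form and the sample values are constructed assumptions.

```python
import io
import re
import zipfile

# Assumed naming pattern: any YAML key containing "secret" or "password".
SECRET_KEY = re.compile(
    r"^\s*['\"]?([\w.\-]*(?:secret|password)[\w.\-]*)['\"]?\s*:\s*(.+?)\s*$", re.I)
# Assumed forms of a value that is resolved at runtime instead of baked in.
PLACEHOLDER = re.compile(r"^(\$\{[^}]+\}|~|null)$")


def find_plaintext_secrets(war_bytes):
    """Return (entry, line number, key) for each literal secret in a WAR's YAML files."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        for name in war.namelist():
            if not name.lower().endswith((".yaml", ".yml")):
                continue
            text = war.read(name).decode("utf-8", errors="replace")
            for lineno, line in enumerate(text.splitlines(), 1):
                if line.lstrip().startswith("#"):
                    continue  # commented-out line
                m = SECRET_KEY.match(line)
                if not m:
                    continue
                value = m.group(2).strip().strip("'\"")
                if value and not PLACEHOLDER.match(value):
                    findings.append((name, lineno, m.group(1)))
    return findings


def build_sample_war(secret_value):
    """Constructed sample: a WAR holding one YAML config, as a build step would emit it."""
    config = (
        "clients:\n"
        "  oidc.id: demo-client\n"
        f"  oidc.secret: {secret_value}\n"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as war:
        war.writestr("WEB-INF/classes/sample-sso/config.yaml", config)
        war.writestr("WEB-INF/web.xml", "<web-app/>")
    return buf.getvalue()


if __name__ == "__main__":
    # Build-time substitution leaves the literal in the artifact; a runtime placeholder does not.
    print(find_plaintext_secrets(build_sample_war("s3cr3t-constructed")))
    print(find_plaintext_secrets(build_sample_war("${SSO_CLIENT_SECRET}")))
```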
- causes
  - MGNLSSO-316 Invalidating/reloading SSO Yaml Config doesn't work (Closed)
- relates to
  - MGNLSSO-184 Property Expansion in magnolia-sso/config.yaml fails on creation of SSOCallbackServlet (Closed)
  - DOCU-2728 Update SSO docs re: passing secrets as environment variables (Closed)
  - MGNLSSO-291 Subclassing Pac4jConfigProvider from SSO module breaks Magnolia startup of fresh start when no repositories exist yet (Closed)
  - MGNLSSO-292 Remove Microprofile config related in SSO v3.1 (Closed)