soteria icon indicating copy to clipboard operation
soteria copied to clipboard
verified publisher icon eclipse-ee4j

The OpenID Connect implementation and related beans are eagerly loaded even when not required.

Open darranl opened this issue 3 years ago • 2 comments

It would be better to review how much needs to be eagerly loaded and how much can be deferred until deemed necessary for the deployment. Although identified due to the addition of OpenID Connect this should really apply to all beans to ensure resources are not being utilised unnecessarily.

darranl avatar Aug 16 '22 19:08 darranl

I agree. I wondered about this too when reviewing the code. Some extensive testing didn't reveal any blocking issues here, but it would be good to look at it.

Patching in the original developer: @jGauravGupta

arjantijms avatar Aug 17 '22 15:08 arjantijms

Within WildFly at the time of deployment we scan the annotations used in the deployment and if we detect EE security annotations we activate the Soteria EE security extension.

One simple approach for us could be if the mechanisms were contained in their own extensions - depending on which annotations were encountered when scanning the deployment we could select which extensions could be enabled.

But how do other server's perform their initialisation? Could they also select which Soteria extensions to enable based on the needs of the deployment or is it more common elsehwere to have the whole of Soteria active by default?

darranl avatar Aug 17 '22 20:08 darranl