New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Removal of createRestrictor makes custom restrictors difficult #284

Closed
nsayer opened this Issue Sep 29, 2016 · 2 comments

Comments

Projects
None yet
2 participants
@nsayer

nsayer commented Sep 29, 2016

In 1.3.3 the protected createRestrictor() call was removed. The only avenue now for creating a custom restrictor is via the constructor. This is problematic as we override init() to perform configuration, and that happens after construction. The instance variable is private and there is no setter, so there's no way to replace the restrictor after construction.

Either the protected createRestrictor() needs to come back, or the instance variable needs to be made protected rather than private or a protected setter added to allow subclasses to replace the restrictor between construction and the call to super.init() (or perhaps even at other times).

@rhuss rhuss closed this in 1dec325 Sep 30, 2016

@rhuss

This comment has been minimized.

Owner

rhuss commented Sep 30, 2016

I've re-added the hooks, could you please check, whether this fits your purpose ?

BTW, you could always configure a restrictor class name which would get instantiated by the servlet.

@nsayer

This comment has been minimized.

nsayer commented Sep 30, 2016

I saw the diff. It looks good to me.

We couldn't do servlet configuration as you suggest in this case because we're adding standalone support to an otherwise sealed (non-web) daemon on the command line.

We wanted to upgrade so we could get obfuscated SSL keystore password support, but ran into this...

Sent from my iPhone

On Sep 30, 2016, at 7:18 AM, Roland Huß notifications@github.com wrote:

I've re-added the hooks, could you please check, whether this fits your purpose ?

BTW, you could always configure a restrictor class name which would get instantiated by the servlet.


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment