...
- FCREPO-504 (Fedora war without installer). Can we use a single web.xml?
- Various filters and filter mappings enabled/disabled/swapped depending on authN/authZ choices
- It may be possible to use Spring DelegatingFilterProxy for e.g. AuthFilterJAAS (fesl) vs EnforceAuthnFilter (old)
- Unique filter-mappings a bit more problematic - put in a "do nothing" filter impl in place by default when the mapping should be disabled?
- SSL enabled on API-M
- transport-guarantee CONFIDENTIAL in web.xml. It MAY be possible to use Spring Security to force api-m URLs to secure channel.
- Looks straightforward, but don't know how it will behave in practice as Spring Security won't actually be used for implementing security.
- Should we install a fedora home if none provided? That could be potentially dangerous.
- Various filters and filter mappings enabled/disabled/swapped depending on authN/authZ choices
- Updates on in-progress issues
...