Why mechanisms twice?08 Mar 2017
Why do we need to specify
configurable-http-server-factory) in Elytron configuration to filter mechanisms, which we want to allow to use, when we have already defined them all in
http-authentication-factory)? It looks weird to have to write them twice:
Sure, it look so, but the key is, the mechanism configuration does not need to be based on mechanism names only!
In this example was the mechanism configured by hostname and protocol - specified configuration can be used for any mechanism, when hostname will be
localhost AND protocol will be
https. Nobody cares about mechanism itself.
As you can see, it is not possible to filter provided mechanisms by
mechanism-configuration section, because it does not need to contain all informations about them.