diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index c880abf01..9e22ffa7b 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -218,6 +218,7 @@ jobs: matrix: module: - taskana-common + - taskana-common-security - taskana-common-data - taskana-common-test - taskana-core @@ -347,7 +348,7 @@ jobs: ./mvnw -B deploy -P $([[ "$GITHUB_REF" =~ ^refs/tags/v[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "release" || echo "snapshot") \ --settings ci/mvnsettings.xml -DskipTests -Dcheckstyle.skip -Dasciidoctor.skip -Djacoco.skip \ -pl :taskana-parent,\ - :taskana-common-parent,:taskana-common,:taskana-common-data,:taskana-common-test,\ + :taskana-common-parent,:taskana-common,:taskana-common-security,:taskana-common-data,:taskana-common-test,\ :taskana-lib-parent,:taskana-core,:taskana-cdi,:taskana-spring,\ :taskana-rest-parent,:taskana-web,:taskana-rest-spring,\ :taskana-history-parent,:taskana-simplehistory-provider,:taskana-simplehistory-rest-spring,:taskana-loghistory-provider diff --git a/common/pom.xml b/common/pom.xml index f20e2571c..98e98d3ff 100644 --- a/common/pom.xml +++ b/common/pom.xml @@ -18,6 +18,7 @@ taskana-common + taskana-common-security taskana-common-data taskana-common-test diff --git a/common/taskana-common-security/pom.xml b/common/taskana-common-security/pom.xml new file mode 100644 index 000000000..4ee8f8db9 --- /dev/null +++ b/common/taskana-common-security/pom.xml @@ -0,0 +1,23 @@ + + + 4.0.0 + taskana-common-security + + ${project.groupId}:${project.artifactId} + The global security principals needed for user and group authentication + + + taskana-common-parent + pro.taskana + 4.3.1-SNAPSHOT + + + + + org.slf4j + slf4j-api + + + 
diff --git a/common/taskana-common/src/main/java/pro/taskana/common/api/security/CurrentUserContext.java b/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/CurrentUserContext.java
similarity index 100%
rename from common/taskana-common/src/main/java/pro/taskana/common/api/security/CurrentUserContext.java
rename to common/taskana-common-security/src/main/java/pro/taskana/common/api/security/CurrentUserContext.java
diff --git a/common/taskana-common/src/main/java/pro/taskana/common/api/security/GroupPrincipal.java b/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/GroupPrincipal.java
similarity index 100%
rename from common/taskana-common/src/main/java/pro/taskana/common/api/security/GroupPrincipal.java
rename to common/taskana-common-security/src/main/java/pro/taskana/common/api/security/GroupPrincipal.java
diff --git a/common/taskana-common/src/main/java/pro/taskana/common/api/security/UserPrincipal.java b/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/UserPrincipal.java
similarity index 100%
rename from common/taskana-common/src/main/java/pro/taskana/common/api/security/UserPrincipal.java
rename to common/taskana-common-security/src/main/java/pro/taskana/common/api/security/UserPrincipal.java
diff --git a/common/taskana-common/src/main/java/pro/taskana/common/internal/security/CurrentUserContextImpl.java b/common/taskana-common-security/src/main/java/pro/taskana/common/internal/security/CurrentUserContextImpl.java
similarity index 82%
rename from common/taskana-common/src/main/java/pro/taskana/common/internal/security/CurrentUserContextImpl.java
rename to common/taskana-common-security/src/main/java/pro/taskana/common/internal/security/CurrentUserContextImpl.java
index b1e8efd2d..48dc05855 100644
--- a/common/taskana-common/src/main/java/pro/taskana/common/internal/security/CurrentUserContextImpl.java
+++ b/common/taskana-common-security/src/main/java/pro/taskana/common/internal/security/CurrentUserContextImpl.java @@ -1,7 +1,5 @@ package pro.taskana.common.internal.security; -import static pro.taskana.common.internal.util.CheckedFunction.wrap; - import java.lang.reflect.Method; import java.security.AccessController; import java.security.Principal; @@ -87,12 +85,22 @@ public class CurrentUserContextImpl implements CurrentUserContext { LOGGER.debug("Public credentials of caller: {}", publicCredentials); return publicCredentials.stream() .map( - wrap( - credential -> - credential - .getClass() - .getMethod(GET_UNIQUE_SECURITY_NAME_METHOD, (Class[]) null) - .invoke(credential, (Object[]) null))) + // we could use CheckedFunction#wrap here, but this either requires a dependency + // to taskana-common or an inclusion of the class CheckedFunction in this module. + // The first is not possible due to a cyclic dependency. + // The second is not desired, since this module is a very slim security module and + // the inclusion of CheckedFunction and its transitive dependencies would increase + // the module scope and introduce inconsistency. + credential -> { + try { + return credential + .getClass() + .getMethod(GET_UNIQUE_SECURITY_NAME_METHOD, (Class[]) null) + .invoke(credential, (Object[]) null); + } catch (Exception e) { + throw new SecurityException("Could not retrieve principal", e); + } + }) .peek( o -> LOGGER.debug( diff --git a/common/taskana-common/pom.xml b/common/taskana-common/pom.xml index dac13a3fb..3ae170332 100644 --- a/common/taskana-common/pom.xml +++ b/common/taskana-common/pom.xml @@ -15,6 +15,11 @@ + + pro.taskana + taskana-common-security + ${project.version} + org.json json
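Review bot: The new lambda in the `@@ -87,12 +85,22 @@` hunk of CurrentUserContextImpl catches `Exception`, which is wider than the reflective lookup needs. `getMethod` and `invoke` only declare subclasses of `ReflectiveOperationException`, so `catch (ReflectiveOperationException e)` covers them and lets unrelated runtime errors, including a `SecurityException` raised by `getMethod` itself, propagate without being wrapped a second time. Replacing `wrap(...)` also changes the exception type that reaches callers to `java.lang.SecurityException`; the old helper presumably threw a project exception, so any caller or test that catches that type should be checked. The message would be easier to triage with the credential's class in it, for example `"Could not retrieve principal from " + credential.getClass().getName()`, while keeping the credential value itself out of the message. The enclosing method starts and ends outside the hunk.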