Configuration to allow loading unsigned plugins
Configuration to allow loading unsigned plugins
Description
Currently SoapUI-5.3.0 allows to load only the plugins which are signed by Smartbear, for security reasons. This precaution prevents to develop, test and use the plugins which are not signed by Smartbear. Asking Smartbear to sign every JAR we need to test is not feasible. The enforcement of signing the plugins is contrary to open source principles.
Proposal
Introduce a configuration item in SoapUI properties, which allows loading unsigned plugins. The item can be set to false by default, but the user will be able to allow it at his own risk. There can be a short notice about potential risks.
Benefits
The implementation would allow more freedom and flexibility to both SoapUI contributors and users and encourage people to develop new/custom plugins.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.