Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-11974

Regression caused by SLING-11825 - change in request getUserPrincipal

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • Engine 2.14.0, Engine 2.15.0, Engine 2.15.2
    • Engine 2.15.4, API 2.27.6
    • Engine
    • None

    Description

      With SLING-11825 getUserPrincipal will always return null for the anonymous user. While this change is spec compliant it is a change in behaviour which is actually breaking users of Sling.
      Therefore we should revert that change and add a switch to toggle the behaviour. By default, the switch will be set to enable the old, non spec compliant behaviour.
      In general, it is suggest to use request getAuthType() == null to check whether the request is authenticated - and only if that returns a non null value call getUserPrincipal

      Attachments

        Issue Links

        is broken by

        Bug - A problem which impairs or prevents the functions of the product. SLING-11825 SlingHttpServletRequestImpl.getUserPrincipal() does not return null for anonymous requests

        • Major - Major loss of function.
        • Closed

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            cziegeler Carsten Ziegeler
            cziegeler Carsten Ziegeler
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment