[SLING-4888] Add SlingRepository.impersonateFromService - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: JCR Jackrabbit Server 2.3.0, JCR Base 2.3.0, JCR API 2.3.0, JCR Oak Server 1.0.0
Component/s: JCR
Labels:
None

Description

as discussed before it it would be generally preferable to perform event-based with the original subject that triggered the event instead of using a clone of the privileged session that was used to register the event listener.

using the original subject (instead of just using the privileged session) will ultimately always results in the same piece of code which consists of

SlingRepository.loginService or SlingRepository.loginAdministrative followed by
Session.impersonate to obtain a session associated with the original subject
Session.logout for the privileged session
Session.logout for the impersonated session

To ease the usage of the original subject, which usually would be preferable from a security point of view, I would like to suggest to introduce SlingRepository.impersonateFromService, which not only reduced the total amount of code to be written but also helped developers to move away from using loginAdministrative. Furthermore an implementation may also take advantage of implementation details and avoid the duplicate authentication altogether.

Initial proposal of the API extension -> see attached patch

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SLING-4888_2.patch
16/Jul/15 08:22
3 kB
Angela Schreiber
SLING-4888.patch
16/Jul/15 08:00
3 kB
Angela Schreiber

Activity

People

Assignee:: Carsten Ziegeler

Reporter:: Angela Schreiber

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 16/Jul/15 07:58

Updated:: 17/Aug/15 07:05

Resolved:: 10/Aug/15 05:38