  1. Sling
  2. SLING-4888

Add SlingRepository.impersonateFromService


    Details

      Description

      As discussed before, it would be generally preferable to perform event-based with the original subject that triggered the event instead of using a clone of the privileged session that was used to register the event listener.

      Using the original subject (instead of just using the privileged session) will ultimately always result in the same piece of code, which consists of

      • SlingRepository.loginService or SlingRepository.loginAdministrative followed by
      • Session.impersonate to obtain a session associated with the original subject
      • Session.logout for the privileged session
      • Session.logout for the impersonated session

      To ease the usage of the original subject, which usually would be preferable from a security point of view, I would like to suggest introducing SlingRepository.impersonateFromService, which would not only reduce the total amount of code to be written but also help developers to move away from using loginAdministrative. Furthermore, an implementation may also take advantage of implementation details and avoid the duplicate authentication altogether.

      Initial proposal of the API extension -> see attached patch

        Attachments

        1. SLING-4888_2.patch
          3 kB
          Angela Schreiber
        2. SLING-4888.patch
          3 kB
          Angela Schreiber
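
The four-step pattern listed in the description, written out as an added example (this is not the attached patch or Sling's own code). The class `OriginalSubjectRunner`, the `SessionWork` callback and the sub-service name are hypothetical, and the service user is assumed to have been granted the right to impersonate.

```java
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import javax.jcr.observation.Event;
import org.apache.sling.jcr.api.SlingRepository;

// Hypothetical helper (not Sling code): runs work as the user who triggered a JCR event.
public class OriginalSubjectRunner {

    // Hypothetical callback for the work done in the impersonated session.
    public interface SessionWork {
        void run(Session userSession) throws RepositoryException;
    }

    private final SlingRepository repository;
    private final String subServiceName; // assumed: mapped to a service user that may impersonate

    public OriginalSubjectRunner(SlingRepository repository, String subServiceName) {
        this.repository = repository;
        this.subServiceName = subServiceName;
    }

    public void runAsOriginator(Event event, SessionWork work) throws RepositoryException {
        String userId = event.getUserID();
        if (userId == null) {
            // Fail closed: never fall back to the privileged service session.
            throw new RepositoryException("event carries no user id; refusing to process");
        }
        // 1. Log in as the service user (null selects the default workspace).
        Session serviceSession = repository.loginService(subServiceName, null);
        Session userSession;
        try {
            // 2. Impersonate the original subject: only the user id is supplied, the
            //    service user's impersonation right is what authorizes the new session.
            userSession = serviceSession.impersonate(new SimpleCredentials(userId, new char[0]));
        } finally {
            // 3. Release the privileged session at once, even if impersonation fails.
            serviceSession.logout();
        }
        try {
            // The repository now enforces the originating user's access control on all work.
            work.run(userSession);
        } finally {
            // 4. Always release the impersonated session.
            userSession.logout();
        }
    }
}
```

Releasing the service session before the callback runs keeps the privileged session out of reach of the event-handling code.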


            People

            • Assignee:
              cziegeler Carsten Ziegeler
              Reporter:
              angela Angela Schreiber