Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-6357

Allow to extend LoginAdminWhitelist with multiple configurations

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: JCR Base 2.4.2
    • Fix Version/s: JCR Base 3.0.0
    • Component/s: JCR
    • Labels:
      None

      Description

      As discussed on the mailing list, it would be desirable to allow multiple configurations to contribute to the LoginAdminWhitelist.

      This issue is marked blocker, as the current implementation was not yet released, thus allowing arbitrary changes without backwards compatibility headaches.

      I propose to remove the whitelist.bundles.default and whitelist.bundles.additional properties and replace them by "additional configurations" that each allow to provide a list of whitlisted bundle symbolic names.

      In the main configuration for LoginAdminWhitelist I propose to retain the flag to bypass the whitelist completely.

      I am uncertain, whether we really need the whitelist regexp for testing, as it is fairly simple to list a hand full of required bundles. If we keep it, I suggest to make its metatype private.

      Optionally, we could consider the possibility to allow configuring a list of required "additional configurations". I would leave this until we find a real requirement for this, as it would complicate the implementation.

        Attachments

          Activity

            People

            • Assignee:
              jsedding Julian Sedding
              Reporter:
              jsedding Julian Sedding
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: