You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Bertrand Delacretaz (JIRA)" <ji...@apache.org> on 2016/12/06 11:11:31 UTC
[jira] [Commented] (SLING-6357) Allow to extend LoginAdminWhitelist
with multiple configurations
[ https://issues.apache.org/jira/browse/SLING-6357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15725027#comment-15725027 ]
Bertrand Delacretaz commented on SLING-6357:
--------------------------------------------
I think the pattern that we use for service user mappings should work.
That's using a {{MappingConfigAmendment}} with {{configurationFactory=true}} and {{policy=ConfigurationPolicy.REQUIRE}}, and the main service aggregates those configs.
If you remove existing config parameters please log WARN messages if they are present in the configs, to avoid any confusion.
I suggest keeping the {{whitelist.bundles.regexp}} mechanism, either in the main or aggregated configs as it's useful for tests that generate bundles with generated symbolic names.
> Allow to extend LoginAdminWhitelist with multiple configurations
> ----------------------------------------------------------------
>
> Key: SLING-6357
> URL: https://issues.apache.org/jira/browse/SLING-6357
> Project: Sling
> Issue Type: Improvement
> Components: JCR
> Affects Versions: JCR Base 2.4.2
> Reporter: Julian Sedding
> Assignee: Julian Sedding
> Priority: Blocker
> Fix For: JCR Base 3.0.0
>
>
> As [discussed on the mailing list|http://sling.markmail.org/thread/7xfcefaufczvsdgk], it would be desirable to allow multiple configurations to contribute to the {{LoginAdminWhitelist}}.
> This issue is marked *blocker*, as the current implementation was not yet released, thus allowing arbitrary changes without backwards compatibility headaches.
> I propose to remove the {{whitelist.bundles.default}} and {{whitelist.bundles.additional}} properties and replace them by "additional configurations" that each allow to provide a list of whitlisted bundle symbolic names.
> In the main configuration for {{LoginAdminWhitelist}} I propose to retain the flag to bypass the whitelist completely.
> I am uncertain, whether we really need the whitelist regexp for testing, as it is fairly simple to list a hand full of required bundles. If we keep it, I suggest to make its metatype private.
> Optionally, we could consider the possibility to allow configuring a list of required "additional configurations". I would leave this until we find a real requirement for this, as it would complicate the implementation.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)