You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Bertrand Delacretaz (JIRA)" <ji...@apache.org> on 2016/12/06 11:11:31 UTC

[jira] [Commented] (SLING-6357) Allow to extend LoginAdminWhitelist with multiple configurations

    [ https://issues.apache.org/jira/browse/SLING-6357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15725027#comment-15725027 ] 

Bertrand Delacretaz commented on SLING-6357:
--------------------------------------------

I think the pattern that we use for service user mappings should work. 

That's using a {{MappingConfigAmendment}} with {{configurationFactory=true}} and {{policy=ConfigurationPolicy.REQUIRE}}, and the main service aggregates those configs.

If you remove existing config parameters please log WARN messages if they are present in the configs, to avoid any confusion.

I suggest keeping the {{whitelist.bundles.regexp}} mechanism, either in the main or aggregated configs as it's useful for tests that generate bundles with generated symbolic names.

> Allow to extend LoginAdminWhitelist with multiple configurations
> ----------------------------------------------------------------
>
>                 Key: SLING-6357
>                 URL: https://issues.apache.org/jira/browse/SLING-6357
>             Project: Sling
>          Issue Type: Improvement
>          Components: JCR
>    Affects Versions: JCR Base 2.4.2
>            Reporter: Julian Sedding
>            Assignee: Julian Sedding
>            Priority: Blocker
>             Fix For: JCR Base 3.0.0
>
>
> As [discussed on the mailing list|http://sling.markmail.org/thread/7xfcefaufczvsdgk], it would be desirable to allow multiple configurations to contribute to the {{LoginAdminWhitelist}}.
> This issue is marked *blocker*, as the current implementation was not yet released, thus allowing arbitrary changes without backwards compatibility headaches.
> I propose to remove the {{whitelist.bundles.default}} and {{whitelist.bundles.additional}} properties and replace them by "additional configurations" that each allow to provide a list of whitlisted bundle symbolic names.
> In the main configuration for {{LoginAdminWhitelist}} I propose to retain the flag to bypass the whitelist completely.
> I am uncertain, whether we really need the whitelist regexp for testing, as it is fairly simple to list a hand full of required bundles. If we keep it, I suggest to make its metatype private.
> Optionally, we could consider the possibility to allow configuring a list of required "additional configurations". I would leave this until we find a real requirement for this, as it would complicate the implementation.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)