You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by cz...@apache.org on 2016/12/19 11:02:49 UTC

svn commit: r1775055 - in /sling/trunk/bundles/jcr/davex: pom.xml src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java

Author: cziegeler
Date: Mon Dec 19 11:02:49 2016
New Revision: 1775055

URL: http://svn.apache.org/viewvc?rev=1775055&view=rev
Log:
SLING-6404 : Remove loginAdministrative() usage from jcr.davex

Modified:
    sling/trunk/bundles/jcr/davex/pom.xml
    sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java

Modified: sling/trunk/bundles/jcr/davex/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/davex/pom.xml?rev=1775055&r1=1775054&r2=1775055&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/davex/pom.xml (original)
+++ sling/trunk/bundles/jcr/davex/pom.xml Mon Dec 19 11:02:49 2016
@@ -33,7 +33,7 @@
     </scm>
 
     <properties>
-        <jackrabbit.version>2.13.1</jackrabbit.version>
+        <jackrabbit.version>2.13.6</jackrabbit.version>
     </properties>
 
     <build>
@@ -114,7 +114,7 @@
         <dependency>
             <groupId>org.apache.sling</groupId>
             <artifactId>org.apache.sling.jcr.api</artifactId>
-            <version>2.0.6</version>
+            <version>2.4.0</version>
             <scope>provided</scope>
         </dependency>
         <dependency>

Modified: sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java?rev=1775055&r1=1775054&r2=1775055&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java (original)
+++ sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java Mon Dec 19 11:02:49 2016
@@ -153,6 +153,7 @@ public class SlingDavExServlet extends J
     protected SessionProvider getSessionProvider() {
         return new SessionProvider() {
 
+            @Override
             public Session getSession(final HttpServletRequest req, final Repository repository, final String workspace)
                     throws LoginException, RepositoryException, ServletException {
                 final ResourceResolver resolver = (ResourceResolver) req.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
@@ -168,6 +169,7 @@ public class SlingDavExServlet extends J
                 throw new ServletException("ResourceResolver missing or not providing on JCR Session");
             }
 
+            @Override
             public void releaseSession(final Session session) {
                 log.debug("releaseSession: Logging out long lived Session ({})", session);
                 session.logout();
@@ -177,25 +179,23 @@ public class SlingDavExServlet extends J
              * Creates a new session for the user of the slingSession in the
              * same workspace as the slingSession.
              * <p>
-             * Assumption: The admin session has permission to impersonate
+             * Assumption: The service session has permission to impersonate
              * as any user without restriction. If this is not the case
              * the Session.impersonate method throws a LoginException
              * which is folded into a RepositoryException.
              *
              * @param slingSession The session provided by the Sling
-             *            authentication mechanis,
+             *            authentication mechanism,
              * @return a new session which may (and will) outlast the request
-             * @throws RepositoryException If an error occurrs creating the
+             * @throws RepositoryException If an error occurs creating the
              *             session.
              */
             private Session getLongLivedSession(final Session slingSession) throws RepositoryException {
-                Session adminSession = null;
                 final String user = slingSession.getUserID();
+                final SimpleCredentials credentials = new SimpleCredentials(user, EMPTY_PW);
                 try {
-                    final SimpleCredentials credentials = new SimpleCredentials(user, EMPTY_PW);
                     final String wsp = slingSession.getWorkspace().getName();
-                    adminSession = SlingDavExServlet.this.repository.loginAdministrative(wsp);
-                    return adminSession.impersonate(credentials);
+                    return SlingDavExServlet.this.repository.impersonateFromService(null, credentials, wsp);
                 } catch (RepositoryException re) {
 
                     // LoginException from impersonate (missing permission)
@@ -203,11 +203,6 @@ public class SlingDavExServlet extends J
                     // impersonate folded into RepositoryException to
                     // cause a 403/FORBIDDEN response
                     throw new RepositoryException("Cannot get session for " + user, re);
-
-                } finally {
-                    if (adminSession != null) {
-                        adminSession.logout();
-                    }
                 }
             }
         };