You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2016/01/27 18:21:39 UTC

[jira] [Assigned] (OAK-3902) SecurityProviderRegistration doesn't fill the composite context

     [ https://issues.apache.org/jira/browse/OAK-3902?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

angela reassigned OAK-3902:
---------------------------

    Assignee: angela

> SecurityProviderRegistration doesn't fill the composite context
> ---------------------------------------------------------------
>
>                 Key: OAK-3902
>                 URL: https://issues.apache.org/jira/browse/OAK-3902
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: core
>            Reporter: angela
>            Assignee: angela
>            Priority: Critical
>             Fix For: 1.4
>
>
> when aggregating security configurations of the same type in {{SecurityProviderRegistration}} the context hold by {{CompositeConfiguration}} remains empty (in contrast to the corresponding call in {{SecurityProviderImpl}}). This particularly affects authorization where it is crucial to identify that a given item is defined by the authorization model and thus is a different type of node/property.
> To fix that we might consider changing the way {{SecurityProviderRegistration}} populates the aggregates or (if that is not possible) fix the {{CompositeConfiguration}}. In general the issue was introduced when removing the {{final}} flag from the various {{Composite*Configuration}}s together with a optimization in {{CompositeConfiguration}}. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)