You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Robert Munteanu (Jira)" <ji...@apache.org> on 2020/05/04 13:12:00 UTC
[jira] [Commented] (OAK-9047) Make the
DefaultAuthorizableActionProvider require a configuration
[ https://issues.apache.org/jira/browse/OAK-9047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17098915#comment-17098915 ]
Robert Munteanu commented on OAK-9047:
--------------------------------------
If we decide to go down this route, I think the {{SecurityProviderRegistration}} should be the the one to have {{ConfigurationPolicy.REQUIRE}}, as it aggregates many (all?) of the security-related services.
> Make the DefaultAuthorizableActionProvider require a configuration
> ------------------------------------------------------------------
>
> Key: OAK-9047
> URL: https://issues.apache.org/jira/browse/OAK-9047
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: security-spi
> Reporter: Konrad Windszus
> Priority: Major
>
> Currently configuring the {{DefaultAuthorizableActionProvider}} leads to restart of the Oak repository in the context of https://issues.apache.org/jira/browse/SLING-7811?focusedCommentId=16573171&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16573171.
> It would make sense to only start the service https://github.com/apache/jackrabbit-oak/blob/1f90e8c632868e658cc60b95bc5ec49182c4e173/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProvider.java#L45 once a mandatory configuration is in place.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)