You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Krzysztof Watral (JIRA)" <ji...@apache.org> on 2017/05/11 07:28:04 UTC

[jira] [Created] (SLING-6849) Impersonation for group of users

Krzysztof Watral created SLING-6849:
---------------------------------------

             Summary: Impersonation for group of users
                 Key: SLING-6849
                 URL: https://issues.apache.org/jira/browse/SLING-6849
             Project: Sling
          Issue Type: Improvement
          Components: Authentication, ResourceResolver
            Reporter: Krzysztof Watral


Currently we have two possibilities (which I know) to impersonate some account as a different user:
# First solution can be implemented in the following way:
{code:java}
Map<String, Object> authenticationInfo = Maps.newHashMap();
authenticationInfo.put(ResourceResolverFactory.USER_IMPERSONATION, userId);
resourceResolver = resourceResolverFactory.getServiceResourceResolver(authenticationInfo);
{code}
it works, but adds a lot of effort for Administrators, because they have to define each user in list of possible impersonators (unfortunately this approach doesn't support a group of users).
# Second approach is to get user session using SlingRepository.impersonateFroService:
{code:java}
slingRepository.impersonateFromService(null, credentials, null);
{code}
Unfortunately, this requires to pass userId and password, that is usually impossible to get from programmatical point of view.

To make life easier, it would be nice if one of the following suggestion would be implemented:
 - slingRepository.impersonateFromService(null, credentials, null); could start accepting credentials without password
 - impersonators could be configured for group of users




--
This message was sent by Atlassian JIRA
(v6.3.15#6346)