You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Carsten Ziegeler (Jira)" <ji...@apache.org> on 2022/07/29 14:41:00 UTC

[jira] [Commented] (SLING-11503) WebconsoleSecurityProvider: Force authentication against JCR

    [ https://issues.apache.org/jira/browse/SLING-11503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17573009#comment-17573009 ] 

Carsten Ziegeler commented on SLING-11503:
------------------------------------------

I think the best way is to use a framework property to select which provider to use. If not set, the current mechanism kicks in.

> WebconsoleSecurityProvider: Force authentication against JCR
> ------------------------------------------------------------
>
>                 Key: SLING-11503
>                 URL: https://issues.apache.org/jira/browse/SLING-11503
>             Project: Sling
>          Issue Type: Task
>          Components: Extensions
>    Affects Versions: Web Console Security Provider 1.2.4
>            Reporter: Joerg Hoh
>            Assignee: Joerg Hoh
>            Priority: Major
>
> It should be possible to enforce an authentication against JCR even if SlingAuthentication is possible.
> Assume that Sling Authentication is using SAML, but it still must be possible to authenticate against the JCR using local users.
> This will just affect the authentication on the Webconsole!



--
This message was sent by Atlassian Jira
(v8.20.10#820010)