You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ro...@apache.org on 2017/01/30 16:54:43 UTC
svn commit: r1780942 - in /sling/trunk/bundles/jcr/davex: pom.xml
src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
Author: rombert
Date: Mon Jan 30 16:54:43 2017
New Revision: 1780942
URL: http://svn.apache.org/viewvc?rev=1780942&view=rev
Log:
SLING-6498 - DavEx: Login fails
Revert "SLING-6404 : Remove loginAdministrative() usage from jcr.davex"
This reverts r1775055, as the bundle became non-functional.
Modified:
sling/trunk/bundles/jcr/davex/pom.xml
sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
Modified: sling/trunk/bundles/jcr/davex/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/davex/pom.xml?rev=1780942&r1=1780941&r2=1780942&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/davex/pom.xml (original)
+++ sling/trunk/bundles/jcr/davex/pom.xml Mon Jan 30 16:54:43 2017
@@ -114,7 +114,7 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.jcr.api</artifactId>
- <version>2.4.0</version>
+ <version>2.0.6</version>
<scope>provided</scope>
</dependency>
<dependency>
Modified: sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java?rev=1780942&r1=1780941&r2=1780942&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java (original)
+++ sling/trunk/bundles/jcr/davex/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java Mon Jan 30 16:54:43 2017
@@ -153,7 +153,6 @@ public class SlingDavExServlet extends J
protected SessionProvider getSessionProvider() {
return new SessionProvider() {
- @Override
public Session getSession(final HttpServletRequest req, final Repository repository, final String workspace)
throws LoginException, RepositoryException, ServletException {
final ResourceResolver resolver = (ResourceResolver) req.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
@@ -169,7 +168,6 @@ public class SlingDavExServlet extends J
throw new ServletException("ResourceResolver missing or not providing on JCR Session");
}
- @Override
public void releaseSession(final Session session) {
log.debug("releaseSession: Logging out long lived Session ({})", session);
session.logout();
@@ -179,23 +177,25 @@ public class SlingDavExServlet extends J
* Creates a new session for the user of the slingSession in the
* same workspace as the slingSession.
* <p>
- * Assumption: The service session has permission to impersonate
+ * Assumption: The admin session has permission to impersonate
* as any user without restriction. If this is not the case
* the Session.impersonate method throws a LoginException
* which is folded into a RepositoryException.
*
* @param slingSession The session provided by the Sling
- * authentication mechanism,
+ * authentication mechanis,
* @return a new session which may (and will) outlast the request
- * @throws RepositoryException If an error occurs creating the
+ * @throws RepositoryException If an error occurrs creating the
* session.
*/
private Session getLongLivedSession(final Session slingSession) throws RepositoryException {
+ Session adminSession = null;
final String user = slingSession.getUserID();
- final SimpleCredentials credentials = new SimpleCredentials(user, EMPTY_PW);
try {
+ final SimpleCredentials credentials = new SimpleCredentials(user, EMPTY_PW);
final String wsp = slingSession.getWorkspace().getName();
- return SlingDavExServlet.this.repository.impersonateFromService(null, credentials, wsp);
+ adminSession = SlingDavExServlet.this.repository.loginAdministrative(wsp);
+ return adminSession.impersonate(credentials);
} catch (RepositoryException re) {
// LoginException from impersonate (missing permission)
@@ -203,6 +203,11 @@ public class SlingDavExServlet extends J
// impersonate folded into RepositoryException to
// cause a 403/FORBIDDEN response
throw new RepositoryException("Cannot get session for " + user, re);
+
+ } finally {
+ if (adminSession != null) {
+ adminSession.logout();
+ }
}
}
};