You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Eric Norman (Jira)" <ji...@apache.org> on 2020/10/11 05:02:00 UTC

[jira] [Resolved] (SLING-9809) Remove loginAdministrative() usage from org.apache.sling.jcr.jackrabbit.usermanager

     [ https://issues.apache.org/jira/browse/SLING-9809?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Eric Norman resolved SLING-9809.
--------------------------------
    Resolution: Fixed

Fixed at: [https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-usermanager/commit/31f4bc3bceb06af8591f34a7be90e9778c01cefb]

NOTE: after upgrade to version 2.2.12 or later the following additional configurations must be added to your system and the usermanager bundle should be removed from the "org.apache.sling.jcr.base.internal.LoginAdminWhitelist.fragment-sling" configuration.

 
{code:java}
[:repoinit]

    #<<< SLING-9809 - Define service user and ACLs for usermanager    
    create service user sling-jcr-usermanager with path system/sling

    set ACL for sling-jcr-usermanager
        allow jcr:read,jcr:readAccessControl,jcr:modifyAccessControl,rep:write,rep:userManagement on /home
    end
    # SLING-9809 - Define service user and ACLs for usermanager >>>

[configurations]

  org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended-jcr-usermanager
    user.mapping=[
      "org.apache.sling.jcr.jackrabbit.usermanager\=sling-jcr-usermanager"
    ]{code}

> Remove loginAdministrative() usage from org.apache.sling.jcr.jackrabbit.usermanager
> -----------------------------------------------------------------------------------
>
>                 Key: SLING-9809
>                 URL: https://issues.apache.org/jira/browse/SLING-9809
>             Project: Sling
>          Issue Type: Improvement
>            Reporter: Eric Norman
>            Assignee: Eric Norman
>            Priority: Major
>             Fix For: JCR Jackrabbit User Manager 2.2.12
>
>
> Create a service user and replace usage of loginAdministrative()  to use that service user.
>  
> Counted 2 occurrences in the current source code.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)