You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ro...@apache.org on 2017/11/07 10:25:38 UTC
[sling-org-apache-sling-xss] 04/06: SLING-5234 - Remove
getAdministrativeResourceResolver() usage from org.apache.sling.xss
This is an automated email from the ASF dual-hosted git repository.
rombert pushed a commit to annotated tag org.apache.sling.xss-1.0.16
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git
commit 35b927fb68146a0d4b22bb7e5dc6bcd1c0272464
Author: Radu Cotescu <ra...@apache.org>
AuthorDate: Mon Oct 17 16:58:30 2016 +0000
SLING-5234 - Remove getAdministrativeResourceResolver() usage from org.apache.sling.xss
* switched to using a newly defined service user (sling-xss) that has read-only access for
{/libs,/apps}/sling/xss
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/xss@1765343 13f79535-47bb-0310-9956-ffa450edef68
---
.../java/org/apache/sling/xss/impl/XSSFilterImpl.java | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java b/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
index eb6da7d..098bbad 100644
--- a/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
+++ b/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
@@ -19,6 +19,7 @@ package org.apache.sling.xss.impl;
import java.io.InputStream;
import java.util.Arrays;
import java.util.Collections;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
@@ -71,6 +72,7 @@ public class XSSFilterImpl implements XSSFilter, ResourceChangeListener, Externa
public static final String DEFAULT_POLICY_PATH = "sling/xss/config.xml";
private static final String EMBEDDED_POLICY_PATH = "SLING-INF/content/config.xml";
+ private static final String SLING_XSS_USER = "sling-xss";
private static final int DEFAULT_POLICY_CACHE_SIZE = 128;
private PolicyHandler defaultHandler;
private Attribute hrefAttribute;
@@ -119,10 +121,13 @@ public class XSSFilterImpl implements XSSFilter, ResourceChangeListener, Externa
private synchronized void updateDefaultHandler() {
this.defaultHandler = null;
- ResourceResolver adminResolver = null;
+ ResourceResolver xssResourceResolver = null;
try {
- adminResolver = resourceResolverFactory.getAdministrativeResourceResolver(null);
- Resource policyResource = adminResolver.getResource(DEFAULT_POLICY_PATH);
+ Map<String, Object> authenticationInfo = new HashMap<String, Object>() {{
+ put(ResourceResolverFactory.SUBSERVICE, SLING_XSS_USER);
+ }};
+ xssResourceResolver = resourceResolverFactory.getServiceResourceResolver(authenticationInfo);
+ Resource policyResource = xssResourceResolver.getResource(DEFAULT_POLICY_PATH);
if (policyResource != null) {
try (InputStream policyStream = policyResource.adaptTo(InputStream.class)) {
setDefaultHandler(new PolicyHandler(policyStream));
@@ -159,8 +164,8 @@ public class XSSFilterImpl implements XSSFilter, ResourceChangeListener, Externa
} catch (LoginException e) {
LOGGER.error("Unable to load the default policy file.", e);
} finally {
- if (adminResolver != null) {
- adminResolver.close();
+ if (xssResourceResolver != null) {
+ xssResourceResolver.close();
}
}
}
--
To stop receiving notification emails like this one, please contact
"commits@sling.apache.org" <co...@sling.apache.org>.