You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ro...@apache.org on 2017/11/07 09:47:35 UTC
[sling-org-apache-sling-jcr-davex] 31/44: SLING-2325 - using
request attribute flag rather than impersonation to ensure that a session
lives past the current request
This is an automated email from the ASF dual-hosted git repository.
rombert pushed a commit to annotated tag org.apache.sling.jcr.davex-1.1.0
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-davex.git
commit 51e2fc3b893fa01568b609aa52197bd3c22799fd
Author: Justin Edelson <ju...@apache.org>
AuthorDate: Wed Dec 21 01:03:15 2011 +0000
SLING-2325 - using request attribute flag rather than impersonation to ensure that a session lives past the current request
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/davex@1221546 13f79535-47bb-0310-9956-ffa450edef68
---
.../jcr/davex/impl/servlets/SlingDavExServlet.java | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java b/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
index aed68c4..28d5cda 100644
--- a/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
+++ b/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
@@ -20,12 +20,10 @@ import java.util.Dictionary;
import java.util.Hashtable;
import java.util.Map;
-import javax.jcr.Credentials;
import javax.jcr.LoginException;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
-import javax.jcr.SimpleCredentials;
import javax.servlet.http.HttpServletRequest;
import org.apache.felix.scr.annotations.Activate;
@@ -76,6 +74,15 @@ public class SlingDavExServlet extends JcrRemotingServlet {
*/
private static final String PAR_AUTH_REQ = "sling.auth.requirements";
+ /**
+ * Constant copied from <code>SlingConstants</code> to enable compatibility
+ * with older API bundle.
+ *
+ * TODO - remove once Sling API 2.3.0 has been released
+ */
+ private static final String ATTR_RESOURCE_RESOLVER_SKIP_CLOSE = "org.apache.sling.api.resource.ResourceResolver.skip.close";
+
+
@Reference
private Repository repository;
@@ -158,8 +165,6 @@ public class SlingDavExServlet extends JcrRemotingServlet {
return repository;
}
- private static char[] EMPTY_PW = new char[0];
-
@Override
protected SessionProvider getSessionProvider() {
return new SessionProvider() {
@@ -172,11 +177,11 @@ public class SlingDavExServlet extends JcrRemotingServlet {
if ( resolver != null ) {
final Session session = resolver.adaptTo(Session.class);
// as the session might be longer used by davex than the request
- // we have to create a new session!
+ // we have to tell the engine and authenticators to leave the resource
+ // resolver open
if ( session != null ) {
- final Credentials credentials = new SimpleCredentials(session.getUserID(), EMPTY_PW);
- final Session newSession = session.impersonate(credentials);
- return newSession;
+ req.setAttribute(ATTR_RESOURCE_RESOLVER_SKIP_CLOSE, "");
+ return session;
}
}
return null;
--
To stop receiving notification emails like this one, please contact
"commits@sling.apache.org" <co...@sling.apache.org>.