You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Dan Klco (Jira)" <ji...@apache.org> on 2021/07/22 15:17:00 UTC

[jira] [Commented] (SLING-10649) Impersonate User in Sling Testing Client

    [ https://issues.apache.org/jira/browse/SLING-10649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17385601#comment-17385601 ] 

Dan Klco commented on SLING-10649:
----------------------------------

Pull request created: https://github.com/apache/sling-org-apache-sling-testing-clients/pull/21

> Impersonate User in Sling Testing Client
> ----------------------------------------
>
>                 Key: SLING-10649
>                 URL: https://issues.apache.org/jira/browse/SLING-10649
>             Project: Sling
>          Issue Type: Improvement
>          Components: Apache Sling Testing Clients
>    Affects Versions: Apache Sling Testing Clients 2.0.8
>            Reporter: Dan Klco
>            Assignee: Dan Klco
>            Priority: Major
>             Fix For: Apache Sling Testing Clients 2.0.10
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> When testing functionality in Apache Sling applications it is often required to use non-administrative users to ensure the functionality works for less-privileged users or to test privilege-limited features. 
> With the current functionality in Sling Testing Clients, this means opening a new SlingClient instance for the administrative and non-administrative users. This can cause issues if the instances are load-balanced between a topology of instances with eventual consistency as the two clients are not guaranteed to be routed to the same instance. 
> Therefore, it would desirable to be able to impersonate another user, using the same administrative Sling Testing Client, using the [sling.sudo|https://github.com/apache/sling-org-apache-sling-auth-core/blob/f9799ec7f4eeac3a809d28adb711fbb7bcc8367d/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java#L117] cookie to impersonate the desired user from admin so that the same testing client would be used, avoiding significant increases in complexity and execution time in tests in needing to wait until the instances are consistent.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)