You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Carsten Ziegeler (Jira)" <ji...@apache.org> on 2023/04/14 07:49:00 UTC

[jira] [Resolved] (SLING-2762) AbstractSlingRepository#login violates JCR spec

     [ https://issues.apache.org/jira/browse/SLING-2762?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Carsten Ziegeler resolved SLING-2762.
-------------------------------------
    Resolution: Won't Fix

> AbstractSlingRepository#login violates JCR spec
> -----------------------------------------------
>
>                 Key: SLING-2762
>                 URL: https://issues.apache.org/jira/browse/SLING-2762
>             Project: Sling
>          Issue Type: Bug
>          Components: JCR
>            Reporter: Antonio Sanso
>            Assignee: Antonio Sanso
>            Priority: Major
>
> AbstractSlingRepository#login seems to violate the javax.jcr.Repository spec.
> The API [0] says
> " If credentials is null, it is assumed that authentication is handled by a mechanism external to the repository itself (for example, through the JAAS framework) and that the repository implementation exists within a context (for example, an application server) that allows it to handle authorization of the request for access to the specified workspace."
> while the implementation looks like
> {code}
> ...
> if (credentials == null) {
>     credentials = getAnonCredentials(this.anonUser);
> }
> ...
> {code}
> [0] http://www.day.com/maven/jsr170/javadocs/jcr-2.0/javax/jcr/Repository.html#login%28javax.jcr.Credentials,%20java.lang.String%29



--
This message was sent by Atlassian Jira
(v8.20.10#820010)