You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Ian Boston (JIRA)" <ji...@apache.org> on 2010/01/25 11:40:42 UTC

[jira] Reopened: (SLING-1282) Adminisrative logins depend on password in the code or config

     [ https://issues.apache.org/jira/browse/SLING-1282?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ian Boston reopened SLING-1282:
-------------------------------


Problems exist with impersonation, reverted all changes and re-opened.

> Adminisrative logins depend on password in the code or config
> -------------------------------------------------------------
>
>                 Key: SLING-1282
>                 URL: https://issues.apache.org/jira/browse/SLING-1282
>             Project: Sling
>          Issue Type: Bug
>          Components: JCR
>    Affects Versions: JCR Jackrabbit Server 2.0.6
>            Reporter: Ian Boston
>            Assignee: Ian Boston
>             Fix For: JCR Jackrabbit Server 2.0.6
>
>
> Administrative logins use SimpleCredentials which means that they have to have a password. Although this is a configuration parameter changing the admin password creates some JVM timing difficulties especially when operating in a cluster. (JVMs would probably need to be restarted with new config immediately after changing the admin password.)
> It would be better to use special credentials to indicate internal logins to the repository (eg public final class AdministrativeCredentials implements Credentials)
> same is true for Anon/Guest users, although less important.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.