You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Karl Pauls (JIRA)" <ji...@apache.org> on 2018/11/07 15:30:00 UTC
[jira] [Resolved] (SLING-7930) Provide default ServiceUserMapped
services
[ https://issues.apache.org/jira/browse/SLING-7930?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Karl Pauls resolved SLING-7930.
-------------------------------
Resolution: Fixed
Basically, I think this issues comes down to two things namely,
only provide ServiceUserMapped services for mappings where the service user is valid
provide ServiceUserMapped service(s) for the default user (if any).
In regard to 1) it turns out, we already have verification around - we just didn't use it for the mappings. Consequently, I just piggyback on the existing verification and only make services available that have a valid service user (i.e., filter out all that don't). That should work ok for the case where we don't have jcr around as in that case there is no verifier (and hence, all service users are valid) - unless somebody provides a different one (i.e., it is up to the resource providers to provide verifiers).
In regard to 2) I publish a default ServiceUserMapped in case default user is enabled (or provided). I then turn around in the hooks and make sure it is a valid one (its a little more complicated in there because we don't want to check for them unless we have to as that generated warnings).
Done in https://github.com/apache/sling-org-apache-sling-serviceusermapper/pull/1
> Provide default ServiceUserMapped services
> ------------------------------------------
>
> Key: SLING-7930
> URL: https://issues.apache.org/jira/browse/SLING-7930
> Project: Sling
> Issue Type: Improvement
> Components: Service User Mapper
> Reporter: Carsten Ziegeler
> Assignee: Karl Pauls
> Priority: Major
> Fix For: Service User Mapper 1.4.4
>
>
> One goal of Sling is to be configurationless. With SLING-6772, the service user mapper module introduces a default for service user mappings. However this does not include registering a ServiceUserMapped service - but, other services in the system have a reference on such services to ensure that a mapping is available.
> In addition, currently ServiceUserMapped only ensures that a "mapping" is available, but not the service user itself
> This has been recently discussed in the Sling mailing list
> [https://lists.apache.org/thread.html/b7a00588cd6c44078d38572b38002965916c9f18dedd9a64380428ad@%3Cdev.sling.apache.org%3E]
>
> We would use the existing service hooks to see if for any given ServiceUserMapped requested we can actually log into all registered resource providers that require authentication and are not lazy. If a login exception occurs, it's not available and we don't register the ServiceUserMapped. Obviously, if a resource provider gets added that requires authentication and is not lazy we need to recheck but this way we at least would neither exposes service users to the world nor, require API changes.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)