You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Bertrand Delacretaz (JIRA)" <ji...@apache.org> on 2015/10/12 10:08:05 UTC

[jira] [Commented] (SLING-5135) Extend AbstractSlingRepositoryManager to whitelist loginAdministrative usage

    [ https://issues.apache.org/jira/browse/SLING-5135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14952780#comment-14952780 ] 

Bertrand Delacretaz commented on SLING-5135:
--------------------------------------------

How would you specify the legit usages? Based on which bundle is using the service? On the calling stack trace?

> Extend AbstractSlingRepositoryManager to whitelist loginAdministrative usage
> ----------------------------------------------------------------------------
>
>                 Key: SLING-5135
>                 URL: https://issues.apache.org/jira/browse/SLING-5135
>             Project: Sling
>          Issue Type: Bug
>          Components: JCR
>            Reporter: Antonio Sanso
>
> {{AbstractSlingRepositoryManager}} contains a method that disable loginAdministrative support
> {code}
>     /**
>      * Returns whether to disable the
>      * {@code SlingRepository.loginAdministrative} method or not.
>      *
>      * @return {@code true} if {@code SlingRepository.loginAdministrative} is
>      *         disabled.
>      */
>     public final boolean isDisableLoginAdministrative() 
> {code}
> This is a global configuration. It would be nice to have an extension of such mechanism that contains a white list of (few) legit usage of {{loginAdministrative}}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)