You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Bertrand Delacretaz (JIRA)" <ji...@apache.org> on 2015/12/29 09:57:49 UTC
[jira] [Commented] (SLING-5135) Extend
AbstractSlingRepositoryManager to whitelist loginAdministrative usage
[ https://issues.apache.org/jira/browse/SLING-5135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15073669#comment-15073669 ]
Bertrand Delacretaz commented on SLING-5135:
--------------------------------------------
Note that we'll need a similar mechanism for {{ResourceResolverFactory.getAdministrativeResourceResolver()}}. I have suggested a mechanism on the Sling dev list in the _How to whitelist legit usages of loginAdministrative?_ thread.
> Extend AbstractSlingRepositoryManager to whitelist loginAdministrative usage
> ----------------------------------------------------------------------------
>
> Key: SLING-5135
> URL: https://issues.apache.org/jira/browse/SLING-5135
> Project: Sling
> Issue Type: Bug
> Components: JCR
> Reporter: Antonio Sanso
> Assignee: Bertrand Delacretaz
>
> {{AbstractSlingRepositoryManager}} contains a method that disable loginAdministrative support
> {code}
> /**
> * Returns whether to disable the
> * {@code SlingRepository.loginAdministrative} method or not.
> *
> * @return {@code true} if {@code SlingRepository.loginAdministrative} is
> * disabled.
> */
> public final boolean isDisableLoginAdministrative()
> {code}
> This is a global configuration. It would be nice to have an extension of such mechanism that contains a white list of (few) legit usage of {{loginAdministrative}}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)