Author: kwin Date: Wed Apr 5 15:02:57 2017 New Revision: 1790288 URL: http://svn.apache.org/viewvc?rev=1790288&view=rev Log: SLING-5135 add more links and fix some typos
Modified: sling/site/trunk/content/documentation/the-sling-engine/service-authentication.mdtext Modified: sling/site/trunk/content/documentation/the-sling-engine/service-authentication.mdtext URL: http://svn.apache.org/viewvc/sling/site/trunk/content/documentation/the-sling-engine/service-authentication.mdtext?rev=1790288&r1=1790287&r2=1790288&view=diff ============================================================================== --- sling/site/trunk/content/documentation/the-sling-engine/service-authentication.mdtext (original) +++ sling/site/trunk/content/documentation/the-sling-engine/service-authentication.mdtext Wed Apr 5 15:02:57 2017 @@ -185,10 +185,10 @@ extended with this information. ### Whitelisting bundles for administrative login In order to be able to manage few (hopefully legit) uses of the above deprecated -methods, a whitelisting mechanism was introduced. +methods, a whitelisting mechanism was introduced with [SLING-5153](https://issues.apache.org/jira/browse/SLING-5135) (*JCR Base 2.4.2*). The recommended way to whitelist a bundle for administrative login is via a -_whitelist fragment configuration_ is recommended. It can be created as an OSGi factory +_whitelist fragment configuration_. It can be created as an OSGi factory configuration with the factoryPID `org.apache.sling.jcr.base.internal.LoginAdminWhitelist.fragment`. E.g. a typical configuration file might be called `org.apache.sling.jcr.base.internal.LoginAdminWhitelist.fragment-myapp.config` @@ -202,7 +202,7 @@ and could look as follows: | Property | Type | Default | Description | |---------------------|----------|-------------|-------------| -| `whitelist.name` | String | "[unnamed]" | Purely informational property that allows easy identification of different fragments. | +| `whitelist.name` | String | `[unnamed]` | Purely informational property that allows easy identification of different fragments. | | `whitelist.bundles` | String[] | [] | An array of bundle symbolic names that should be allowed to make use of the administrative login functionality. | All configured whitelist fragments are taken into account. This makes @@ -214,7 +214,7 @@ could be done in a whitelist fragment na adds a whitelist fragment called `myapp`. For integration tests and additional whitelist fragment `myapp-integration-testing` may be added. -Furthermore, there is a global configuration, which should +Furthermore, there is a global configuration with PID `org.apache.sling.jcr.base.internal.LoginAdminWhitelist`, which should only be used in exceptional cases. It has a switch to turn administrative login on globally (`whitelist.bypass`) and it allows supplying a regular expression to whitelist matching bundle symbolic names (`whitelist.bundles.regexp`). @@ -227,7 +227,7 @@ Example: to whitelist all bundles genera whitelist.bypass=B"false" whitelist.bundles.regexp="^PAXEXAM.*$" -The configuration PID is PID `org.apache.sling.jcr.base.internal.LoginAdminWhitelist`. +The configuration PID is `org.apache.sling.jcr.base.internal.LoginAdminWhitelist`. It supports the following configuration properties. | Property | Type | Default | Description |