On Wed, 2016-01-06 at 15:06 +, Marius Petria wrote:
>
>
>
>
> On 1/6/16, 4:42 PM, "Bertrand Delacretaz"
> wrote:
>
> > 4. Adding sling bundles to the whitelist requires a serious review,
> > we
> > want to keep that very small
> >
> > There are some legit uses of
Hi,
On Tue, Dec 29, 2015 at 8:28 PM, Marius Petria wrote:
> An alternative way to spin this is to actually deprecate loginAdmin and
> keep the loginService as
> the only login API for such things. An admin session should be obtain via
> loginService if the
> service is
On 1/6/16, 3:51 PM, "Bertrand Delacretaz" wrote:
>Hi,
>
>On Tue, Dec 29, 2015 at 8:28 PM, Marius Petria wrote:
>> An alternative way to spin this is to actually deprecate loginAdmin and
>> keep the loginService as
>> the only login API for
On Wed, Jan 6, 2016 at 4:06 PM, Marius Petria wrote:
> On 1/6/16, 4:42 PM, "Bertrand Delacretaz" wrote:
>>...There are some legit uses of admin sessions, like SLING-5355. Hiding
>>them behind pseudo service user is not useful IMO...
> It works for me,
Hi,
On Wed, Jan 6, 2016 at 3:33 PM, Marius Petria wrote:
> ...I think the spirit is to force every bundle to analyze its requirements
> and switch to loginService
> and only exceptionally use and admin session
That's the idea, yes - here's the scenario as I see it:
1.
On 1/6/16, 4:42 PM, "Bertrand Delacretaz" wrote:
>4. Adding sling bundles to the whitelist requires a serious review, we
>want to keep that very small
>
>There are some legit uses of admin sessions, like SLING-5355. Hiding
>them behind pseudo service user is not
On 12/29/15, 1:24 PM, "Bertrand Delacretaz" wrote:
>On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler
>wrote:
>...
>>> If "admin safe" mode is enabled, loginAdmin fails *unless* the code
>>> that calls is is marked with the reason why
Hi,
This is about SLING-5135, do people have ideas for identifying which
usages of loginAdministrative are acceptable?
I'll need this for SLING-5355 for example, which creates users and
sets access control.
IMO the proper way to keep track of this is to keep the explanation
why the programmer
Hi,
I don't understand what makes grepping for SlingAdminSession easier than
grepping for loginAdministrative?
Carsten
Bertrand Delacretaz wrote
> Hi,
>
> This is about SLING-5135, do people have ideas for identifying which
> usages of loginAdministrative are acceptable?
>
> I'll need this
Hi,
On Tue, Dec 29, 2015 at 10:10 AM, Carsten Ziegeler wrote:
> I don't understand what makes grepping for SlingAdminSession easier than
> grepping for loginAdministrative?
Grepping for loginAdministrative returns all existing legacy
occurences, you have no way of knowing
Bertrand Delacretaz wrote
> Hi,
>
> On Tue, Dec 29, 2015 at 10:10 AM, Carsten Ziegeler
> wrote:
>> I don't understand what makes grepping for SlingAdminSession easier than
>> grepping for loginAdministrative?
>
> Grepping for loginAdministrative returns all existing
I think that adding new api in whatever form is not a good idea: this
makes the code unusable with older api versions and binds it to the
latest and greatest repository api/implementation.
Adding a new api because of a tooling problem (simple grep not working)
while breaking compatibility is
On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler wrote:
...
>> If "admin safe" mode is enabled, loginAdmin fails *unless* the code
>> that calls is is marked with the reason why it's needed.
>
> Don't want to be a pita, but that requirement is not in the issue :)..
I
Bertrand Delacretaz wrote
> On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler
> wrote:
> ...
>>> If "admin safe" mode is enabled, loginAdmin fails *unless* the code
>>> that calls is is marked with the reason why it's needed.
>>
>> Don't want to be a pita, but that
On Tue, Dec 29, 2015 at 10:43 AM, Carsten Ziegeler wrote:
> ...If we simply
> require a comment on the same line as the loginAdmin (just as an
> example) a simple grep works ootb
That's not sufficient, IMO the SLING-5135 requirement is:
If "admin safe" mode is
Bertrand Delacretaz wrote
> On Tue, Dec 29, 2015 at 10:43 AM, Carsten Ziegeler
> wrote:
>> ...If we simply
>> require a comment on the same line as the loginAdmin (just as an
>> example) a simple grep works ootb
>
> That's not sufficient, IMO the SLING-5135 requirement
16 matches
Mail list logo