Re: How to whitelist legit usages of loginAdministrative?

On Wed, 2016-01-06 at 15:06 +, Marius Petria wrote: > > > > > On 1/6/16, 4:42 PM, "Bertrand Delacretaz" > wrote: > > > 4. Adding sling bundles to the whitelist requires a serious review, > > we > > want to keep that very small > > > > There are some legit uses of

Re: How to whitelist legit usages of loginAdministrative?

Hi, On Tue, Dec 29, 2015 at 8:28 PM, Marius Petria wrote: > An alternative way to spin this is to actually deprecate loginAdmin and > keep the loginService as > the only login API for such things. An admin session should be obtain via > loginService if the > service is

Re: How to whitelist legit usages of loginAdministrative?

On 1/6/16, 3:51 PM, "Bertrand Delacretaz" wrote: >Hi, > >On Tue, Dec 29, 2015 at 8:28 PM, Marius Petria wrote: >> An alternative way to spin this is to actually deprecate loginAdmin and >> keep the loginService as >> the only login API for

Re: How to whitelist legit usages of loginAdministrative?

On Wed, Jan 6, 2016 at 4:06 PM, Marius Petria wrote: > On 1/6/16, 4:42 PM, "Bertrand Delacretaz" wrote: >>...There are some legit uses of admin sessions, like SLING-5355. Hiding >>them behind pseudo service user is not useful IMO... > It works for me,

Re: How to whitelist legit usages of loginAdministrative?

Hi, On Wed, Jan 6, 2016 at 3:33 PM, Marius Petria wrote: > ...I think the spirit is to force every bundle to analyze its requirements > and switch to loginService > and only exceptionally use and admin session That's the idea, yes - here's the scenario as I see it: 1.

Re: How to whitelist legit usages of loginAdministrative?

On 1/6/16, 4:42 PM, "Bertrand Delacretaz" wrote: >4. Adding sling bundles to the whitelist requires a serious review, we >want to keep that very small > >There are some legit uses of admin sessions, like SLING-5355. Hiding >them behind pseudo service user is not

Re: How to whitelist legit usages of loginAdministrative?

On 12/29/15, 1:24 PM, "Bertrand Delacretaz" wrote: >On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler >wrote: >... >>> If "admin safe" mode is enabled, loginAdmin fails *unless* the code >>> that calls is is marked with the reason why

How to whitelist legit usages of loginAdministrative?

Hi, This is about SLING-5135, do people have ideas for identifying which usages of loginAdministrative are acceptable? I'll need this for SLING-5355 for example, which creates users and sets access control. IMO the proper way to keep track of this is to keep the explanation why the programmer

Re: How to whitelist legit usages of loginAdministrative?

Hi, I don't understand what makes grepping for SlingAdminSession easier than grepping for loginAdministrative? Carsten Bertrand Delacretaz wrote > Hi, > > This is about SLING-5135, do people have ideas for identifying which > usages of loginAdministrative are acceptable? > > I'll need this

Re: How to whitelist legit usages of loginAdministrative?

Hi, On Tue, Dec 29, 2015 at 10:10 AM, Carsten Ziegeler wrote: > I don't understand what makes grepping for SlingAdminSession easier than > grepping for loginAdministrative? Grepping for loginAdministrative returns all existing legacy occurences, you have no way of knowing

Re: How to whitelist legit usages of loginAdministrative?

Bertrand Delacretaz wrote > Hi, > > On Tue, Dec 29, 2015 at 10:10 AM, Carsten Ziegeler > wrote: >> I don't understand what makes grepping for SlingAdminSession easier than >> grepping for loginAdministrative? > > Grepping for loginAdministrative returns all existing

Re: How to whitelist legit usages of loginAdministrative?

I think that adding new api in whatever form is not a good idea: this makes the code unusable with older api versions and binds it to the latest and greatest repository api/implementation. Adding a new api because of a tooling problem (simple grep not working) while breaking compatibility is

Re: How to whitelist legit usages of loginAdministrative?

On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler wrote: ... >> If "admin safe" mode is enabled, loginAdmin fails *unless* the code >> that calls is is marked with the reason why it's needed. > > Don't want to be a pita, but that requirement is not in the issue :).. I

Re: How to whitelist legit usages of loginAdministrative?

Bertrand Delacretaz wrote > On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler > wrote: > ... >>> If "admin safe" mode is enabled, loginAdmin fails *unless* the code >>> that calls is is marked with the reason why it's needed. >> >> Don't want to be a pita, but that

Re: How to whitelist legit usages of loginAdministrative?

On Tue, Dec 29, 2015 at 10:43 AM, Carsten Ziegeler wrote: > ...If we simply > require a comment on the same line as the loginAdmin (just as an > example) a simple grep works ootb That's not sufficient, IMO the SLING-5135 requirement is: If "admin safe" mode is

Re: How to whitelist legit usages of loginAdministrative?

Bertrand Delacretaz wrote > On Tue, Dec 29, 2015 at 10:43 AM, Carsten Ziegeler > wrote: >> ...If we simply >> require a comment on the same line as the loginAdmin (just as an >> example) a simple grep works ootb > > That's not sufficient, IMO the SLING-5135 requirement