This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.davex-1.3.6 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-davex.git
commit e204b273f7988a8c61d7bed2a253db62855cb972 Author: Carsten Ziegeler <[email protected]> AuthorDate: Mon Dec 19 11:02:49 2016 +0000 SLING-6404 : Remove loginAdministrative() usage from jcr.davex git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/davex@1775055 13f79535-47bb-0310-9956-ffa450edef68 --- pom.xml | 4 ++-- .../jcr/davex/impl/servlets/SlingDavExServlet.java | 19 +++++++------------ 2 files changed, 9 insertions(+), 14 deletions(-) diff --git a/pom.xml b/pom.xml index 1b3d925..857e720 100644 --- a/pom.xml +++ b/pom.xml @@ -33,7 +33,7 @@ </scm> <properties> - <jackrabbit.version>2.13.1</jackrabbit.version> + <jackrabbit.version>2.13.6</jackrabbit.version> </properties> <build> @@ -114,7 +114,7 @@ <dependency> <groupId>org.apache.sling</groupId> <artifactId>org.apache.sling.jcr.api</artifactId> - <version>2.0.6</version> + <version>2.4.0</version> <scope>provided</scope> </dependency> <dependency> diff --git a/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java b/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java index 8b7cde0..67f7f30 100644 --- a/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java +++ b/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java @@ -153,6 +153,7 @@ public class SlingDavExServlet extends JcrRemotingServlet { protected SessionProvider getSessionProvider() { return new SessionProvider() { + @Override public Session getSession(final HttpServletRequest req, final Repository repository, final String workspace) throws LoginException, RepositoryException, ServletException { final ResourceResolver resolver = (ResourceResolver) req.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER); @@ -168,6 +169,7 @@ public class SlingDavExServlet extends JcrRemotingServlet { throw new ServletException("ResourceResolver missing or not providing on JCR Session"); } + @Override public void releaseSession(final Session session) { log.debug("releaseSession: Logging out long lived Session ({})", session); session.logout(); @@ -177,25 +179,23 @@ public class SlingDavExServlet extends JcrRemotingServlet { * Creates a new session for the user of the slingSession in the * same workspace as the slingSession. * <p> - * Assumption: The admin session has permission to impersonate + * Assumption: The service session has permission to impersonate * as any user without restriction. If this is not the case * the Session.impersonate method throws a LoginException * which is folded into a RepositoryException. * * @param slingSession The session provided by the Sling - * authentication mechanis, + * authentication mechanism, * @return a new session which may (and will) outlast the request - * @throws RepositoryException If an error occurrs creating the + * @throws RepositoryException If an error occurs creating the * session. */ private Session getLongLivedSession(final Session slingSession) throws RepositoryException { - Session adminSession = null; final String user = slingSession.getUserID(); + final SimpleCredentials credentials = new SimpleCredentials(user, EMPTY_PW); try { - final SimpleCredentials credentials = new SimpleCredentials(user, EMPTY_PW); final String wsp = slingSession.getWorkspace().getName(); - adminSession = SlingDavExServlet.this.repository.loginAdministrative(wsp); - return adminSession.impersonate(credentials); + return SlingDavExServlet.this.repository.impersonateFromService(null, credentials, wsp); } catch (RepositoryException re) { // LoginException from impersonate (missing permission) @@ -203,11 +203,6 @@ public class SlingDavExServlet extends JcrRemotingServlet { // impersonate folded into RepositoryException to // cause a 403/FORBIDDEN response throw new RepositoryException("Cannot get session for " + user, re); - - } finally { - if (adminSession != null) { - adminSession.logout(); - } } } }; -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
