This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.davex-1.3.8 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-davex.git
commit 8c68678cc06584397b4857bd0d744cecb582cd26 Author: Robert Munteanu <[email protected]> AuthorDate: Mon Jan 30 16:54:43 2017 +0000 SLING-6498 - DavEx: Login fails Revert "SLING-6404 : Remove loginAdministrative() usage from jcr.davex" This reverts r1775055, as the bundle became non-functional. git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/davex@1780942 13f79535-47bb-0310-9956-ffa450edef68 --- pom.xml | 2 +- .../jcr/davex/impl/servlets/SlingDavExServlet.java | 19 ++++++++++++------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/pom.xml b/pom.xml index ab9cea1..562e875 100644 --- a/pom.xml +++ b/pom.xml @@ -114,7 +114,7 @@ <dependency> <groupId>org.apache.sling</groupId> <artifactId>org.apache.sling.jcr.api</artifactId> - <version>2.4.0</version> + <version>2.0.6</version> <scope>provided</scope> </dependency> <dependency> diff --git a/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java b/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java index 0372d9b..9b3343c 100644 --- a/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java +++ b/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java @@ -153,7 +153,6 @@ public class SlingDavExServlet extends JcrRemotingServlet { protected SessionProvider getSessionProvider() { return new SessionProvider() { - @Override public Session getSession(final HttpServletRequest req, final Repository repository, final String workspace) throws LoginException, RepositoryException, ServletException { final ResourceResolver resolver = (ResourceResolver) req.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER); @@ -169,7 +168,6 @@ public class SlingDavExServlet extends JcrRemotingServlet { throw new ServletException("ResourceResolver missing or not providing on JCR Session"); } - @Override public void releaseSession(final Session session) { log.debug("releaseSession: Logging out long lived Session ({})", session); session.logout(); @@ -179,23 +177,25 @@ public class SlingDavExServlet extends JcrRemotingServlet { * Creates a new session for the user of the slingSession in the * same workspace as the slingSession. * <p> - * Assumption: The service session has permission to impersonate + * Assumption: The admin session has permission to impersonate * as any user without restriction. If this is not the case * the Session.impersonate method throws a LoginException * which is folded into a RepositoryException. * * @param slingSession The session provided by the Sling - * authentication mechanism, + * authentication mechanis, * @return a new session which may (and will) outlast the request - * @throws RepositoryException If an error occurs creating the + * @throws RepositoryException If an error occurrs creating the * session. */ private Session getLongLivedSession(final Session slingSession) throws RepositoryException { + Session adminSession = null; final String user = slingSession.getUserID(); - final SimpleCredentials credentials = new SimpleCredentials(user, EMPTY_PW); try { + final SimpleCredentials credentials = new SimpleCredentials(user, EMPTY_PW); final String wsp = slingSession.getWorkspace().getName(); - return SlingDavExServlet.this.repository.impersonateFromService(null, credentials, wsp); + adminSession = SlingDavExServlet.this.repository.loginAdministrative(wsp); + return adminSession.impersonate(credentials); } catch (RepositoryException re) { // LoginException from impersonate (missing permission) @@ -203,6 +203,11 @@ public class SlingDavExServlet extends JcrRemotingServlet { // impersonate folded into RepositoryException to // cause a 403/FORBIDDEN response throw new RepositoryException("Cannot get session for " + user, re); + + } finally { + if (adminSession != null) { + adminSession.logout(); + } } } }; -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
