[sling-org-apache-sling-xss] 04/06: SLING-5234 - Remove getAdministrativeResourceResolver() usage from org.apache.sling.xss

Tue, 07 Nov 2017 02:31:53 -0800 

This is an automated email from the ASF dual-hosted git repository.

rombert pushed a commit to annotated tag org.apache.sling.xss-1.0.16
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git

commit 35b927fb68146a0d4b22bb7e5dc6bcd1c0272464
Author: Radu Cotescu <[email protected]>
AuthorDate: Mon Oct 17 16:58:30 2016 +0000

    SLING-5234 - Remove getAdministrativeResourceResolver() usage from 
org.apache.sling.xss
    
    * switched to using a newly defined service user (sling-xss) that has 
read-only access for
    {/libs,/apps}/sling/xss
    
    git-svn-id: 
https://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/xss@1765343 
13f79535-47bb-0310-9956-ffa450edef68
---
 .../java/org/apache/sling/xss/impl/XSSFilterImpl.java     | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java 
b/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
index eb6da7d..098bbad 100644
--- a/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
+++ b/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
@@ -19,6 +19,7 @@ package org.apache.sling.xss.impl;
 import java.io.InputStream;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
@@ -71,6 +72,7 @@ public class XSSFilterImpl implements XSSFilter, 
ResourceChangeListener, Externa
 
     public static final String DEFAULT_POLICY_PATH = "sling/xss/config.xml";
     private static final String EMBEDDED_POLICY_PATH = 
"SLING-INF/content/config.xml";
+    private static final String SLING_XSS_USER = "sling-xss";
     private static final int DEFAULT_POLICY_CACHE_SIZE = 128;
     private PolicyHandler defaultHandler;
     private Attribute hrefAttribute;
@@ -119,10 +121,13 @@ public class XSSFilterImpl implements XSSFilter, 
ResourceChangeListener, Externa
 
     private synchronized void updateDefaultHandler() {
         this.defaultHandler = null;
-        ResourceResolver adminResolver = null;
+        ResourceResolver xssResourceResolver = null;
         try {
-            adminResolver = 
resourceResolverFactory.getAdministrativeResourceResolver(null);
-            Resource policyResource = 
adminResolver.getResource(DEFAULT_POLICY_PATH);
+            Map<String, Object> authenticationInfo = new HashMap<String, 
Object>() {{
+                put(ResourceResolverFactory.SUBSERVICE, SLING_XSS_USER);
+            }};
+            xssResourceResolver = 
resourceResolverFactory.getServiceResourceResolver(authenticationInfo);
+            Resource policyResource = 
xssResourceResolver.getResource(DEFAULT_POLICY_PATH);
             if (policyResource != null) {
                 try (InputStream policyStream = 
policyResource.adaptTo(InputStream.class)) {
                     setDefaultHandler(new PolicyHandler(policyStream));
@@ -159,8 +164,8 @@ public class XSSFilterImpl implements XSSFilter, 
ResourceChangeListener, Externa
         } catch (LoginException e) {
             LOGGER.error("Unable to load the default policy file.", e);
         } finally {
-            if (adminResolver != null) {
-                adminResolver.close();
+            if (xssResourceResolver != null) {
+                xssResourceResolver.close();
             }
         }
     }

-- 
To stop receiving notification emails like this one, please contact
"[email protected]" <[email protected]>.

Reply via email to