[sling-site] branch master updated: SLING-9622 - Avoid registration of auth requirements for aliases and vanity paths

Wed, 26 Aug 2020 02:26:25 -0700 

This is an automated email from the ASF dual-hosted git repository.

rombert pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-site.git


The following commit(s) were added to refs/heads/master by this push:
     new 43e2c86  SLING-9622 - Avoid registration of auth requirements for 
aliases and vanity paths
43e2c86 is described below

commit 43e2c86a671a88f4f3b9b87518efa4a87314980d
Author: Robert Munteanu <[email protected]>
AuthorDate: Wed Aug 26 11:24:38 2020 +0200

    SLING-9622 - Avoid registration of auth requirements for aliases and vanity 
paths
    
    * clarify that limitations apply to /etc/map
    * link to SLING-9689
---
 .../the-sling-engine/mappings-for-resource-resolution.md              | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git 
a/src/main/jbake/content/documentation/the-sling-engine/mappings-for-resource-resolution.md
 
b/src/main/jbake/content/documentation/the-sling-engine/mappings-for-resource-resolution.md
index 2fd6ba2..d84dd34 100644
--- 
a/src/main/jbake/content/documentation/the-sling-engine/mappings-for-resource-resolution.md
+++ 
b/src/main/jbake/content/documentation/the-sling-engine/mappings-for-resource-resolution.md
@@ -293,6 +293,8 @@ Additional mappings complicate the situation, therefore 
additional authenticatio
 
 and that `/content/parent` is a protected resource, authentication 
requirements will automatically be registered for both `/content/parent` and 
`/content/secret`.
 
+<div class="note">Although the section below uses vanity paths, it applies 
equally to mappings set up in <code>/etc/map</code></div>
+
 One scenario where authentication requirements will not be registered properly 
is when the child of a protected resource has an external vanity path ( or 
resource mapping ) that is not a descendant of an existing authentication 
requirement, such as:
 
     /content
@@ -305,7 +307,7 @@ In this scenario no authentication requirement will be 
registered for `/vanity`,
 - use external redirects. These will instruct the client to generate a new 
HTTP request, which will be properly handled by the Sling authentication
 - manually set up authentication reqiurements for internal mappings
 
-For an in-depth discussion on the matter, see [SLING-9622 - Avoid registration 
of auth requirements for aliases and vanity 
paths](https://issues.apache.org/jira/browse/SLING-9622).
+For an in-depth discussion on the matter, see [SLING-9622 - Avoid registration 
of auth requirements for aliases and vanity 
paths](https://issues.apache.org/jira/browse/SLING-9622) and also [SLING-9689 - 
Handle authentication requirements for children of protected resources when 
internal mappings](https://issues.apache.org/jira/browse/SLING-9689) for plans 
of improving the situation.
 
 ## Namespace Mangling

Reply via email to