[
http://jira.magnolia-cms.com/browse/MAGNOLIA-2313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=20587#action_20587
]
Gregory Joseph commented on MAGNOLIA-2313:
------------------------------------------
What's the status of this? Do we need any documentation / changelog, does this
mean any potential configuration change for users ?
> JcrAuthorizationModule should not extend JCRAuthenticationModule
> ----------------------------------------------------------------
>
> Key: MAGNOLIA-2313
> URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-2313
> Project: Magnolia
> Issue Type: Bug
> Components: core
> Affects Versions: 3.6.1
> Reporter: Fabrizio Giustina
> Assignee: Fabrizio Giustina
> Priority: Critical
> Fix For: 3.6.x, 4.0
>
> Attachments: patch.txt
>
>
> ... or at least it shouldn't call login() in the JCRAuthenticationModule.
> The problem is that JcrAuthorizationModule should be usable to handle jcr
> authorization (expand groups and roles to ACLs), regardless of the
> authentication method used. But if you try to supply a different
> Authorization module, at least if this module uses different callbacks from
> the JcrAuthenticationModule, the login() method in the
> JCRAuthenticationModule will never pass.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
