[
https://issues.apache.org/jira/browse/FELIX-6390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Carsten Ziegeler resolved FELIX-6390.
-------------------------------------
Resolution: Fixed
[~enorman] somehow forgot to do that :) thanks
> Refactor the default authentication mechanism of the webconsole to be a
> WebConsoleSecurityProvider2
> ---------------------------------------------------------------------------------------------------
>
> Key: FELIX-6390
> URL: https://issues.apache.org/jira/browse/FELIX-6390
> Project: Felix
> Issue Type: Improvement
> Components: Web Console
> Reporter: Eric Norman
> Assignee: Carsten Ziegeler
> Priority: Major
> Fix For: webconsole-4.6.2
>
>
> To assist resolving SLING-10147 it would helpful if we could reasonably rely
> on there always being at least one WebConsoleSecurityProvider service
> available.
> The use case is that a webconsole plugin needs to make http requests outside
> of the OsgiManager servlet to retrieve some information to display in the
> plugin UI. The goal is that the security checking of that other endpoint
> would perform the same security checks that would be needed to access the
> webconsole itself. Reusing the WebConsoleSecurityProvider service in both
> places would be ideal.
> To make that the case, the proposal is to refactor the default "basic"
> authentication mechanism of the webconsole into a
> {{WebConsoleSecurityProvider}} class and expose it as a service. A very low
> service.ranking of this last resort security provider should ensure that any
> other WebConsoleSecurityProvider component that exists would be used instead.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
