[
https://issues.apache.org/jira/browse/JCR-2931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
angela resolved JCR-2931.
-------------------------
Resolution: Fixed
Assignee: angela
> Compatibility issue if admin impersonates admin session
> -------------------------------------------------------
>
> Key: JCR-2931
> URL: https://issues.apache.org/jira/browse/JCR-2931
> Project: Jackrabbit Content Repository
> Issue Type: Bug
> Components: jackrabbit-core, security
> Reporter: angela
> Assignee: angela
> Priority: Trivial
> Fix For: 2.3.0
>
>
> in revision 1076596 in made some improvements in ImpersonationImpl removing
> the shortcut for "AdminPrincipal" which from my point of view is problematic.
> however, this introduced the following compatibility issue (detected by tom):
> while - according to my tests - a user is allowed to impersonate itself (jcr
> isn't totally clear about this but states that Session.impersonate is used to
> "[...] impersonate" another [...]" this was possible for the admin-user due
> to the shortcut mentioned above.
> in order not to break existing code relying on that special case, i would
> suggest to change the code accordingly.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
