Thanks for the patch. I'll try to look into it asap.

Regards
Felix

On 21.01.2010 18:59, Ian Boston (JIRA) wrote:
>
> [
> https://issues.apache.org/jira/browse/SLING-1282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12803395#action_12803395
> ]
>
> Ian Boston commented on SLING-1282:
> -----------------------------------
>
> Uploaded patch set for this to http://codereview.appspot.com/190100
>
> Issues:
> Jackrabbit binds directly to SimpleCredentials which is final.
> So I have had to use a wrapped callback handler to intercept requests for the
> User ID and Impersonation where the final AdministrativeCredentials and
> AnonCredentials are used. This appears to be perfectly Ok for the UserID, but
> I am concerned that two things might be broken and not picked up by either
> integration testing or unit testing
>
> Impersonation
> JAAS based authentication which will further rely on the CallbackHandler
> mechanisms.
>
> If someone has the time, I would appreciate a check as I don't think I should
> commit as it is.
> Thanks
> Ian
>
>> Administrative logins depend on password in the code or config
>> --------------------------------------------------------------
>>
>> Key: SLING-1282
>> URL: https://issues.apache.org/jira/browse/SLING-1282
>> Project: Sling
>> Issue Type: Bug
>> Components: JCR
>> Affects Versions: JCR Jackrabbit Server 2.0.6
>> Reporter: Ian Boston
>> Assignee: Ian Boston
>> Fix For: JCR Jackrabbit Server 2.0.6
>>
>>
>> Administrative logins use SimpleCredentials which means that they have to
>> have a password. Although this is a configuration parameter changing the
>> admin password creates some JVM timing difficulties especially when
>> operating in a cluster. (JVMs would probably need to be restarted with new
>> config immediately after changing the admin password.)
>> It would be better to use special credentials to indicate internal logins to
>> the repository (eg public final class AdministrativeCredentials implements
>> Credentials)
>> same is true for Anon/Guest users, although less important.
>
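
The idea proposed in the quoted issue, as an added example that is not code from this thread, the patch, Sling or Jackrabbit: internal logins are recognised by credential type, so changing the admin password does not affect them. Only the `AdministrativeCredentials` class name comes from the issue; `Credentials` here is a local stand-in for the `javax.jcr.Credentials` marker interface, and `PasswordCredentials`, `InternalLoginDemo`, `login`, `internal` and the sample passwords are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

// Stand-in for the javax.jcr.Credentials marker interface, so this compiles alone.
interface Credentials {}

// Hypothetical password credentials, playing the role SimpleCredentials has in the issue.
final class PasswordCredentials implements Credentials {
    final String userId;
    final char[] password;
    PasswordCredentials(String userId, String password) {
        this.userId = userId;
        this.password = password.toCharArray();
    }
}

// Marker for internal logins: carries no secret. The private constructor and
// package-private factory keep code outside this package from minting one.
final class AdministrativeCredentials implements Credentials {
    private AdministrativeCredentials() {}
    static AdministrativeCredentials internal() { return new AdministrativeCredentials(); }
}

public class InternalLoginDemo {
    static final Map<String, char[]> STORE = new HashMap<>(); // constructed sample user store

    static String login(Credentials c) {
        if (c instanceof AdministrativeCredentials) {
            return "admin"; // decided by type, never by comparing a configured password
        }
        if (c instanceof PasswordCredentials) {
            PasswordCredentials p = (PasswordCredentials) c;
            char[] expected = STORE.get(p.userId);
            if (expected != null && MessageDigest.isEqual(bytes(expected), bytes(p.password))) {
                return p.userId;
            }
        }
        throw new SecurityException("login failed");
    }

    static byte[] bytes(char[] chars) {
        return new String(chars).getBytes(StandardCharsets.UTF_8);
    }

    public static void main(String[] args) {
        STORE.put("admin", "old-secret".toCharArray());
        System.out.println(login(AdministrativeCredentials.internal()));
        STORE.put("admin", "rotated-secret".toCharArray()); // password changed at runtime
        System.out.println(login(AdministrativeCredentials.internal())); // internal login unaffected
        try { login(new PasswordCredentials("admin", "old-secret")); }
        catch (SecurityException e) { System.out.println("stale password rejected"); }
    }
}
```

The type check is only as strong as the control over who can construct the marker class, which is why the constructor is private and the factory is not public.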
