[
https://issues.apache.org/jira/browse/SLING-1670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12900629#action_12900629
]
Felix Meschberger edited comment on SLING-1670 at 8/20/10 4:08 AM:
-------------------------------------------------------------------
Committed first version in Rev. 987396.
The security provider for the Apache Felix Web Console grants access to the
repository based on the user name and password provided.
(1) A session is acquired for the user name and password
(2) If the user is one of a configurable set of users allowed
access, the user is granted access.
(3) Otherwise if the user is a member of one of a configurable
set of groups allowed access, the user is granted access.
If the user name and password cannot be used to login to the repository or the
user is neither in the configured set of users nor a member of one of the
configured groups, access is denied.
was (Author: fmeschbe):
Committed first version in Rev. 987396.
> Implement WebConsoleSecurityProvider using Auth Core
> ----------------------------------------------------
>
> Key: SLING-1670
> URL: https://issues.apache.org/jira/browse/SLING-1670
> Project: Sling
> Issue Type: New Feature
> Components: Extensions
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
>
> Since Web Console 3.0 the WebConsoleSecurityProvider service interface may be
> implemented to provide authentication support for the web console other than
> the built-in HTTP Basic authentication supporting a single user.
> For Sling we should implement this service leveraging the Auth Core module to
> allow for versatile login mechanisms as well as authenticating against the
> ResourceResolverFactory.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
