kwin commented on code in PR #78:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/78#discussion_r940262210


##########
src/main/java/org/apache/sling/resourceresolver/impl/console/ResourceResolverWebConsolePlugin.java:
##########
@@ -255,19 +278,42 @@ protected void doPost(HttpServletRequest request,
         // finally redirect
         final String path = request.getContextPath() + request.getServletPath()
         + request.getPathInfo();
-        final String redirectTo;
+        String redirectTo;
         if (msg == null) {
             redirectTo = path;
         } else {
             redirectTo = path + '?' + PAR_MSG + '=' + encodeParam(msg) + '&'
                     + PAR_TEST + '=' + encodeParam(test);
+                if ( user != null && user.length() > 0 ) {
+                    redirectTo += '&' + PAR_USER + '=' + encodeParam(user);
+                }
         }
         response.sendRedirect(redirectTo);
     }
 
+    private ResourceResolver 
getImpersonatedResourceResolver(HttpServletRequest request, final String user)
+            throws LoginException {
+
+        // resolver is set by the auth.core bundle in case of successful 
authentication, so it should
+        // always be there
+        Object resolverAttribute = 
request.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);

Review Comment:
   Just try to get a resourceresolver based on the service one. The one 
returned as request attribute might not have the according rights



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to