[jira] [Updated] (SLING-11503) WebconsoleSecurityProvider: Force authentication against JCR

[Joerg Hoh (Jira)]

     [ 
https://issues.apache.org/jira/browse/SLING-11503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh updated SLING-11503:
------------------------------
    Description: 
It should be possible to enforce an authentication against JCR even if 
SlingAuthentication is possible.

Assume that Sling Authentication is using SAML, but it still must be possible 
to authenticate against the JCR using local users.

This will just affect the authentication on the Webconsole!

To make this work we introduced a new framework property 
"sling.webconsole.authType" with 2 possible values:
* "slingAuth" (default): authenticate using Sling authentication
* "jcrAuth": authenticate against JCR using Basic Auth.


  was:
It should be possible to enforce an authentication against JCR even if 
SlingAuthentication is possible.

Assume that Sling Authentication is using SAML, but it still must be possible 
to authenticate against the JCR using local users.

This will just affect the authentication on the Webconsole!


> WebconsoleSecurityProvider: Force authentication against JCR
> ------------------------------------------------------------
>
>                 Key: SLING-11503
>                 URL: https://issues.apache.org/jira/browse/SLING-11503
>             Project: Sling
>          Issue Type: Task
>          Components: Extensions
>    Affects Versions: Web Console Security Provider 1.2.4
>            Reporter: Joerg Hoh
>            Assignee: Joerg Hoh
>            Priority: Major
>             Fix For: Web Console Security Provider 1.2.6
>
>          Time Spent: 2h
>  Remaining Estimate: 0h
>
> It should be possible to enforce an authentication against JCR even if 
> SlingAuthentication is possible.
> Assume that Sling Authentication is using SAML, but it still must be possible 
> to authenticate against the JCR using local users.
> This will just affect the authentication on the Webconsole!
> To make this work we introduced a new framework property 
> "sling.webconsole.authType" with 2 possible values:
> * "slingAuth" (default): authenticate using Sling authentication
> * "jcrAuth": authenticate against JCR using Basic Auth.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)