On Wed, Nov 9, 2011 at 1:02 PM, Felix Meschberger <[email protected]> wrote:
> Hi
>
> Moving to dev@... (bcc only to users@)
>
> Am 09.11.2011 um 18:24 schrieb Felix Meschberger:
>
>>>
>>> In addition, I suspect that while the requirements of the DavEx
>>> servlet with respect to Sling Authentication are not entirely unique
>>> and that *if* there are changes required in Sling Authentication to
>>> support the DavEx servlet will benefit other use cases.
>>
>> Well, there is a unique "feature" which is called "missing-auth-mapping". I
>> am not entirely sure, that I want to add support for such functionality.
>> Because in essence, this would just replace one "anonymous" user with
>> another one (with maybe the added functionality of being able to disable
>> that user...).
>
> On second thought ....
>
> The location to implement this would probably be the
> JcrResourceResolverFactory implementing the getResourceResolver method. This
> could then do analogous to the missing-auth-mapping.
>
> Still not sure, whether we would want to go there ...
I was thinking it belonged in SlingAuthenticator's
getAnonymousResolver() method.
Could be something as simple as:
if (request.getAttribute("anonymous.userid") {
ResourceResolver resolver =
resourceResolverFactory.getResourceResolver(Collections.singletonMap(ResourceResolverFactory.USER_IMPERSONATION,
request.getAttribute("anonymous.userid"));
} else {
ResourceResolver resolver =
resourceResolverFactory.getResourceResolver(null);
}
Justin
>
> Regards
> Felix
