Hi, Am 09.11.2011 um 22:28 schrieb Justin Edelson:
> On Wed, Nov 9, 2011 at 1:02 PM, Felix Meschberger <[email protected]> wrote: >> Hi >> >> Moving to dev@... (bcc only to users@) >> >> Am 09.11.2011 um 18:24 schrieb Felix Meschberger: >> >>>> >>>> In addition, I suspect that while the requirements of the DavEx >>>> servlet with respect to Sling Authentication are not entirely unique >>>> and that *if* there are changes required in Sling Authentication to >>>> support the DavEx servlet will benefit other use cases. >>> >>> Well, there is a unique "feature" which is called "missing-auth-mapping". I >>> am not entirely sure, that I want to add support for such functionality. >>> Because in essence, this would just replace one "anonymous" user with >>> another one (with maybe the added functionality of being able to disable >>> that user...). >> >> On second thought .... >> >> The location to implement this would probably be the >> JcrResourceResolverFactory implementing the getResourceResolver method. This >> could then do analogous to the missing-auth-mapping. >> >> Still not sure, whether we would want to go there ... > > I was thinking it belonged in SlingAuthenticator's > getAnonymousResolver() method. > > Could be something as simple as: > if (request.getAttribute("anonymous.userid") { > ResourceResolver resolver = > resourceResolverFactory.getResourceResolver(Collections.singletonMap(ResourceResolverFactory.USER_IMPERSONATION, > request.getAttribute("anonymous.userid")); > } else { > ResourceResolver resolver = > resourceResolverFactory.getResourceResolver(null); > } The drawback of this solution would be to not be able to easily leverage JCR 2 GuestCredentials.... Do we need that ? Regards Felix > > Justin > >> >> Regards >> Felix
