On Wed, Nov 9, 2011 at 3:03 PM, Felix Meschberger <[email protected]> wrote: > Hi, > > Am 09.11.2011 um 22:28 schrieb Justin Edelson: > >> On Wed, Nov 9, 2011 at 1:02 PM, Felix Meschberger <[email protected]> wrote: >>> Hi >>> >>> Moving to dev@... (bcc only to users@) >>> >>> Am 09.11.2011 um 18:24 schrieb Felix Meschberger: >>> >>>>> >>>>> In addition, I suspect that while the requirements of the DavEx >>>>> servlet with respect to Sling Authentication are not entirely unique >>>>> and that *if* there are changes required in Sling Authentication to >>>>> support the DavEx servlet will benefit other use cases. >>>> >>>> Well, there is a unique "feature" which is called "missing-auth-mapping". >>>> I am not entirely sure, that I want to add support for such functionality. >>>> Because in essence, this would just replace one "anonymous" user with >>>> another one (with maybe the added functionality of being able to disable >>>> that user...). >>> >>> On second thought .... >>> >>> The location to implement this would probably be the >>> JcrResourceResolverFactory implementing the getResourceResolver method. >>> This could then do analogous to the missing-auth-mapping. >>> >>> Still not sure, whether we would want to go there ... >> >> I was thinking it belonged in SlingAuthenticator's >> getAnonymousResolver() method. >> >> Could be something as simple as: >> if (request.getAttribute("anonymous.userid") { >> ResourceResolver resolver = >> resourceResolverFactory.getResourceResolver(Collections.singletonMap(ResourceResolverFactory.USER_IMPERSONATION, >> request.getAttribute("anonymous.userid")); >> } else { >> ResourceResolver resolver = >> resourceResolverFactory.getResourceResolver(null); >> } > > The drawback of this solution would be to not be able to easily leverage JCR > 2 GuestCredentials.... Do we need that ?
IIUC, in the case Markus is describing (which is where you would set the anonymous.userid attribute), GuestCredentials wouldn't work. In essence, if wanted to put a non-blank, non-null value in missing-auth-mapping, that's the same value which would go into this anonymous.userid (which maybe would be better named missing.auth.userid) attribute. Justin > > Regards > Felix > > >> >> Justin >> >>> >>> Regards >>> Felix > >
