[
https://issues.apache.org/jira/browse/SLING-4624?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dominique Jäggi updated SLING-4624:
-----------------------------------
Description:
When processing events or jobs the corresponding session that triggered the
event is usually lost. This leads to event handlers and job processors often
using administrative sessions to do their work. As per the effort of
eliminating all loginAdministrative use, there must be an alternative solution.
There preferred approach to solve this problem:
* Pass a serialization of the event-causing Subject in the event payload, and
create a ResourceResolver based on that subject (e.g. using JAAS doAsPrivileged
in the ResourceResolverFactory).
** Pros: "Clean" implementation from a security POV. Avoids re-authentication.
Operates with the original privileges. Security relevant code transparent to
the consumer of the event.
** Cons: Needs refactoring. Security relevant code transparent to the consumer
of the event (might also lead to problems).
Above approach is currently only partially implementable, as repository events
may be swallowed due to oak compressing commits upon encountering certain
loads, thus eliminating particular events or aggregating an event under a
different user than the "sub-event".
was:
When processing events or jobs the corresponding session that triggered the
event is usually lost. This leads to event handlers and job processors often
using administrative sessions to do their work. As per the effort of
eliminating all loginAdministrative use, there must be an alternative solution.
There preferred approach to solve this problem:
* Pass a serialization of the event-causing Subject in the event payload, and
create a ResourceResolver based on that subject (e.g. using JAAS doAsPrivileged
in the ResourceResolverFactory).
** Pros: "Clean" implementation from a security POV. Avoids re-authentication.
Operates with the original privileges. Security relevant code transparent to
the consumer of the event.
** Cons: Needs refactoring. Security relevant code transparent to the consumer
of the event (might also lead to problems).
> Implement Subject-Support for Events, Preprocessors and Jobs
> ------------------------------------------------------------
>
> Key: SLING-4624
> URL: https://issues.apache.org/jira/browse/SLING-4624
> Project: Sling
> Issue Type: Improvement
> Components: ResourceResolver
> Affects Versions: Resource Resolver 1.2.4
> Reporter: Dominique Jäggi
>
> When processing events or jobs the corresponding session that triggered the
> event is usually lost. This leads to event handlers and job processors often
> using administrative sessions to do their work. As per the effort of
> eliminating all loginAdministrative use, there must be an alternative
> solution. There preferred approach to solve this problem:
> * Pass a serialization of the event-causing Subject in the event payload, and
> create a ResourceResolver based on that subject (e.g. using JAAS
> doAsPrivileged in the ResourceResolverFactory).
> ** Pros: "Clean" implementation from a security POV. Avoids
> re-authentication. Operates with the original privileges. Security relevant
> code transparent to the consumer of the event.
> ** Cons: Needs refactoring. Security relevant code transparent to the
> consumer of the event (might also lead to problems).
> Above approach is currently only partially implementable, as repository
> events may be swallowed due to oak compressing commits upon encountering
> certain loads, thus eliminating particular events or aggregating an event
> under a different user than the "sub-event".
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
