[ https://issues.apache.org/jira/browse/SLING-5135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15568721#comment-15568721 ]
Bertrand Delacretaz commented on SLING-5135: -------------------------------------------- I have committed the launchpad changes in revision 1764464 to verify that this feature does not break our integration tests. I had to disable two tests for SLING-6139 but that's unrelated. So from the code point of view this should be ready, leaving this ticket open as I need to document the whitelist. > Whitelist legit usages of loginAdministrative and administrative > ResourceResolver > --------------------------------------------------------------------------------- > > Key: SLING-5135 > URL: https://issues.apache.org/jira/browse/SLING-5135 > Project: Sling > Issue Type: Bug > Components: JCR > Reporter: Antonio Sanso > Assignee: Bertrand Delacretaz > Attachments: SLING-5135.patch, SLING-5135.patch > > > {{AbstractSlingRepositoryManager}} contains a method that disable > loginAdministrative support > {code} > /** > * Returns whether to disable the > * {@code SlingRepository.loginAdministrative} method or not. > * > * @return {@code true} if {@code SlingRepository.loginAdministrative} is > * disabled. > */ > public final boolean isDisableLoginAdministrative() > {code} > This is a global configuration. It would be nice to have an extension of such > mechanism that contains a white list of (few) legit usage of > {{loginAdministrative}} -- This message was sent by Atlassian JIRA (v6.3.4#6332)