[ https://issues.apache.org/jira/browse/SLING-5135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15588070#comment-15588070 ]
Bertrand Delacretaz commented on SLING-5135: -------------------------------------------- bq. it would be useful to have a configuration option which instead of replacing the default bundle list adds to it. Good point, how about using two multi-value configuration parameters? * {{default.whitelisted.bundle.symbolic.names}} for the ones that we currently have * {{additional.whitelisted.bundle.symbolic.names}} for the "user" ones, empty by default I think this should be sufficient while giving more flexibility, WDYT? This hasn't been released yet so we can freely change the existing config parameter name. > Whitelist legit usages of loginAdministrative and administrative > ResourceResolver > --------------------------------------------------------------------------------- > > Key: SLING-5135 > URL: https://issues.apache.org/jira/browse/SLING-5135 > Project: Sling > Issue Type: Bug > Components: JCR > Reporter: Antonio Sanso > Assignee: Bertrand Delacretaz > Attachments: SLING-5135.patch, SLING-5135.patch > > > {{AbstractSlingRepositoryManager}} contains a method that disable > loginAdministrative support > {code} > /** > * Returns whether to disable the > * {@code SlingRepository.loginAdministrative} method or not. > * > * @return {@code true} if {@code SlingRepository.loginAdministrative} is > * disabled. > */ > public final boolean isDisableLoginAdministrative() > {code} > This is a global configuration. It would be nice to have an extension of such > mechanism that contains a white list of (few) legit usage of > {{loginAdministrative}} -- This message was sent by Atlassian JIRA (v6.3.4#6332)