[ https://issues.apache.org/jira/browse/SLING-5135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15653406#comment-15653406 ]
Julian Sedding commented on SLING-5135: --------------------------------------- SLING-5355 is useful for cutting down the {{DefaultWhitelist}}, as it links to a list of issues that intend to remove {{loginAdministrative}} and {{getAdministrativeResourceResolver}} usages. > Whitelist legit usages of loginAdministrative and administrative > ResourceResolver > --------------------------------------------------------------------------------- > > Key: SLING-5135 > URL: https://issues.apache.org/jira/browse/SLING-5135 > Project: Sling > Issue Type: Bug > Components: JCR > Reporter: Antonio Sanso > Assignee: Bertrand Delacretaz > Fix For: JCR Base 2.4.2 > > Attachments: SLING-5135.patch, SLING-5135.patch > > > {{AbstractSlingRepositoryManager}} contains a method that disable > loginAdministrative support > {code} > /** > * Returns whether to disable the > * {@code SlingRepository.loginAdministrative} method or not. > * > * @return {@code true} if {@code SlingRepository.loginAdministrative} is > * disabled. > */ > public final boolean isDisableLoginAdministrative() > {code} > This is a global configuration. It would be nice to have an extension of such > mechanism that contains a white list of (few) legit usage of > {{loginAdministrative}} -- This message was sent by Atlassian JIRA (v6.3.4#6332)