[
https://issues.apache.org/jira/browse/SLING-6849?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Krzysztof Watral updated SLING-6849:
------------------------------------
Description:
Currently we have two possibilities (which I know) to impersonate some account
as a different user:
# First solution can be implemented in the following way:
{code:java}
Map<String, Object> authenticationInfo = Maps.newHashMap();
authenticationInfo.put(ResourceResolverFactory.USER_IMPERSONATION, userId);
resourceResolver =
resourceResolverFactory.getServiceResourceResolver(authenticationInfo);
{code}
it works, but adds a lot of effort for Administrators, they have to define each
user in list of possible impersonators (unfortunately this approach doesn't
support a groups with users).
# Second approach is to get user session using
SlingRepository.impersonateFroService:
{code:java}
slingRepository.impersonateFromService(null, credentials, null);
{code}
Unfortunately, this requires to pass userId and password, that is usually
impossible to get from programmatical point of view.
To make life easier, it would be nice if one of the following suggestion would
be implemented:
- slingRepository.impersonateFromService(null, credentials, null); could start
accepting credentials without password
- impersonators could be configured for group of users
was:
Currently we have two possibilities (which I know) to impersonate some account
as a different user:
# First solution can be implemented in the following way:
{code:java}
Map<String, Object> authenticationInfo = Maps.newHashMap();
authenticationInfo.put(ResourceResolverFactory.USER_IMPERSONATION, userId);
resourceResolver =
resourceResolverFactory.getServiceResourceResolver(authenticationInfo);
{code}
it works, but adds a lot of effort for Administrators, because they have to
define each user in list of possible impersonators (unfortunately this approach
doesn't support a group of users).
# Second approach is to get user session using
SlingRepository.impersonateFroService:
{code:java}
slingRepository.impersonateFromService(null, credentials, null);
{code}
Unfortunately, this requires to pass userId and password, that is usually
impossible to get from programmatical point of view.
To make life easier, it would be nice if one of the following suggestion would
be implemented:
- slingRepository.impersonateFromService(null, credentials, null); could start
accepting credentials without password
- impersonators could be configured for group of users
> Impersonation for group of users
> --------------------------------
>
> Key: SLING-6849
> URL: https://issues.apache.org/jira/browse/SLING-6849
> Project: Sling
> Issue Type: Improvement
> Components: Authentication, ResourceResolver
> Reporter: Krzysztof Watral
> Labels: impersonation
>
> Currently we have two possibilities (which I know) to impersonate some
> account as a different user:
> # First solution can be implemented in the following way:
> {code:java}
> Map<String, Object> authenticationInfo = Maps.newHashMap();
> authenticationInfo.put(ResourceResolverFactory.USER_IMPERSONATION, userId);
> resourceResolver =
> resourceResolverFactory.getServiceResourceResolver(authenticationInfo);
> {code}
> it works, but adds a lot of effort for Administrators, they have to define
> each user in list of possible impersonators (unfortunately this approach
> doesn't support a groups with users).
> # Second approach is to get user session using
> SlingRepository.impersonateFroService:
> {code:java}
> slingRepository.impersonateFromService(null, credentials, null);
> {code}
> Unfortunately, this requires to pass userId and password, that is usually
> impossible to get from programmatical point of view.
> To make life easier, it would be nice if one of the following suggestion
> would be implemented:
> - slingRepository.impersonateFromService(null, credentials, null); could
> start accepting credentials without password
> - impersonators could be configured for group of users
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
