[
https://issues.apache.org/jira/browse/SLING-6849?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16034238#comment-16034238
]
Tomasz Wagner commented on SLING-6849:
--------------------------------------
Any update or plans for such improvement?
> Impersonation for group of users
> --------------------------------
>
> Key: SLING-6849
> URL: https://issues.apache.org/jira/browse/SLING-6849
> Project: Sling
> Issue Type: Improvement
> Components: ResourceResolver
> Reporter: Krzysztof Watral
> Labels: impersonation
>
> Currently we have two possibilities (which I know) to impersonate some
> account as a different user:
> # First solution can be implemented in the following way:
> {code:java}
> Map<String, Object> authenticationInfo = Maps.newHashMap();
> authenticationInfo.put(ResourceResolverFactory.USER_IMPERSONATION, userId);
> resourceResolver =
> resourceResolverFactory.getServiceResourceResolver(authenticationInfo);
> {code}
> it works, but adds a lot of effort for Administrators, they have to define
> each user in list of possible impersonators (unfortunately this approach
> doesn't support groups).
> # Second approach is to get user session using
> SlingRepository.impersonateFroService:
> {code:java}
> slingRepository.impersonateFromService(null, credentials, null);
> {code}
> Unfortunately, this requires to pass userId and password, that is usually
> impossible to get from programmatical point of view.
> To make life easier, it would be nice if one of the following suggestion
> would be implemented:
> - slingRepository.impersonateFromService(null, credentials, null); could
> start accepting credentials without password
> - impersonators could be configured for group of users
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
