[
https://issues.apache.org/jira/browse/SLING-6404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16251351#comment-16251351
]
angela commented on SLING-6404:
-------------------------------
[~cziegeler], [~kpauls], [~asanso], IMO the fix is a lot easier... since JCR
2.0 the specification mandates that each session can impersonate itself. That's
exactly would you need here if my reading of the code is correct. Apart from
that: even if you would use impersonation through another admin/service session
you would have to accept the fact that impersonation under certain circumstance
may not work (i.e. if the authentication setup doesn't support impersonation or
if impersonation from one user by another is prevented based on some
implementation specific constraints).... anyway.... patch attached.
[~kpauls], your manager told me that you are in charge of getting this fixed. I
would appreciate if you could review, test against Oak and apply my patch.
Thanks very much!
> Remove loginAdministrative() usage from jcr.davex
> -------------------------------------------------
>
> Key: SLING-6404
> URL: https://issues.apache.org/jira/browse/SLING-6404
> Project: Sling
> Issue Type: Improvement
> Reporter: Antonio Sanso
> Fix For: JCR Davex 1.3.10
>
>
> Remove loginAdministrative() usage from jcr.davex
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
