+1 - instead of whitelisted calls of the loginadmin call the mapping to admin could be whitelisted. Btw.the very early versions of servicemapping did allow to map to any user including admin which was used as temporary bridge until all the initial hiccups with service users were sorted out (at least by developers aware of that option - just remember because those admin mappings had thento be removed to be able to eliminate this option.
Cheers Dominik Jörg Hoh <[email protected]> schrieb am Fr. 27. Juli 2018 um 17:17: > Hi > > 2018-07-27 16:41 GMT+02:00 Jason E Bailey <[email protected]>: > > > I may be off base here since I haven't spent much time with service users > > but couldn't this be handled by extending the Service User so that for > > specific services, the user returned is the literal admin user. > > > > i.e. rather then whitelisting the services that can use > > loginAdministrative the service user that these whitelisted services > would > > get would be the Administrator user. > > > > That means, that instead of the service-user you can configure to receive > the admin-user? I guess, that it won't change much... Instead of creating a > new service-user lazy people will use the admin. One could argue, that it's > still to easy to use an admin session. But harmonizing both approaches > would definitley help, because then a switch from a service-user to an > admin-user and vice-versa would be just a configuration change, but no code > change. > > Jörg > > -- > Cheers, > Jörg Hoh, > > http://cqdump.wordpress.com > Twitter: @joerghoh >
