[jira] [Resolved] (SLING-7613) Remove deprecation of SlingRepository.loginAdministrative()

Robert Munteanu (JIRA) Mon, 30 Jul 2018 08:21:22 -0700


     [ 
https://issues.apache.org/jira/browse/SLING-7613?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Robert Munteanu resolved SLING-7613.
------------------------------------
       Resolution: Won't Fix
    Fix Version/s:     (was: JCR API 2.4.2)

We failed to gather consensus and there were strong arguments against this 
raised on the Sling dev list - 
https://lists.apache.org/thread.html/629fa177b8409a5e7548d6980063263b60b42a12d97010155dc36b6c@%3Cdev.sling.apache.org%3E
 .

Resolving "won't fix".

> Remove deprecation of SlingRepository.loginAdministrative()
> -----------------------------------------------------------
>
>                 Key: SLING-7613
>                 URL: https://issues.apache.org/jira/browse/SLING-7613
>             Project: Sling
>          Issue Type: New Feature
>          Components: API
>    Affects Versions: JCR API 2.4.0
>            Reporter: Jörg Hoh
>            Assignee: Robert Munteanu
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> There was a discussion on the Sling user list [1] about usecases which can 
> only be solved using the deprecated loginAdministrative() call. In the 
> context of Sling and Oak there are indeed a few cases which can be solved 
> best with a true admin session:
> * locking and unlocking nodes which have been locked by a different user.
> * at deployments resources/nodes are deployed at many locations inside the 
> repo, so you can either use an admin session or a system-user with an 
> equivalent set of permissions.
> * the discussions leaves it open if the impersonation feature internally 
> relies on an admin session or can be achieved without it.
> System users should be the preferred, but I would like to have an offical and 
> non-deprecated way to get an admin session in the API. It's ok if I need to 
> configure the explicit whitelisting as it is in place right now. But it 
> should be there.
> Plus there should be proper documentation when to use which approach.
> [1] 
> http://apache-sling.73963.n3.nabble.com/Deprecation-of-SlingRepository-loginAdministrative-td4081024.html



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (SLING-7613) Remove deprecation of SlingRepository.loginAdministrative()

Reply via email to