sergehuber opened a new pull request, #822: URL: https://github.com/apache/unomi/pull/822
## Plain-language summary In V2 compatibility mode, admin users who sign in with Karaf credentials could not use some private REST endpoints. For example, `GET /cxs/privacy/info` returned a server error instead of server version information. This blocked health checks and admin tools during migration from Unomi 2.x to 3.1. This PR fixes that auth path. V3 authentication behavior is not changed. ## What changed * In V2 compatibility mode, merge Karaf JAAS principals with tenant admin roles for the configured default tenant. * Build the execution context from the merged subject so AGGREGATE and other tenant permissions apply. * Add an integration test for `GET /cxs/privacy/info` with Karaf auth in V2 compatibility mode. ## Test plan - [x] `V2CompatibilityModeIT` passes locally (including `testV2CompatibilityModeSwitch` and privacy/info check in `testV2ModeBehavior`) - [ ] `mvn clean install -P integration-tests` on CI ## References UNOMI-875, UNOMI-904 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
