Confirmed, this is principle name. At least this is what it was built
for in Jackrabbit 2. The string passed is escaped vis
org.apache.jackrabbit.oak.commons.QueryUtils#escapeForQuery
Michael
On 03.04.17 16:36, Angela Schreiber wrote:
Hi
I don't know how Michael intended it to work originally. Given the fact
that the impersonation setup is established and evaluated using principals
I would expect it to be a principal name, which in the default
implementation just can be any string value.
Kind regards
Angela
On 03/04/17 16:14, "Manfred Baedke" <manfred.bae...@gmail.com> wrote:
Hi all,
Can anyone clarify the contract of the method
org.apache.jackrabbit.api.security.user.QueryBuilder.impersonate(String
name)?
According to the JavaDoc, the parameter is the "name of an
authorizable". But the interface
org.apache.jackrabbit.api.security.user.Authorizable doesn't have a
name, just an id and a principal (which in turn has a name).
If a principal name is expected here (which seems to be the case
according to the implementations), then it needs to be specified if the
caller has to do any necessary escaping: if the user in question is e.g.
an LDAP user, it's principal name may contain backslash characters.
Best regards,
Manfred