[
https://issues.apache.org/jira/browse/OAK-2947?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14973882#comment-14973882
]
angela edited comment on OAK-2947 at 10/26/15 8:05 AM:
-------------------------------------------------------
i stopped working on this issue as i became to believe that this should be
achieved along with the service user configuration in sling. what essentially
wish to have is namely the ability to retrieve a session for a given user
within a service... it's not the service user itself that must be entitle to
impersonate another user but rather that we need means to re-establish the
session for a given user (optionally with some limitations on what the nature
of that user should look like).
[[email protected]], in the setup you are using it is currently working anyway
and you don't need to configure it.
was (Author: anchela):
i stopped working on this issue as i became to believe that this should be
achieved along with the service user configuration in sling. what essentially
wish to have is namely the ability to retrieve a session for a given user
within a service... it's not the service user itself that must be entitle to
impersonate another user but rather that we need means to re-establish the
session for a given user (optionally with some limitations on what the nature
of that user should look like).
> Allow configured system user(s) to impersonate regular users
> ------------------------------------------------------------
>
> Key: OAK-2947
> URL: https://issues.apache.org/jira/browse/OAK-2947
> Project: Jackrabbit Oak
> Issue Type: New Feature
> Components: core
> Affects Versions: 1.2
> Reporter: angela
> Assignee: angela
> Attachments: OAK-2947.patch
>
>
> Based on some private discussion on how to implement a feature that allows a
> given subject to continue working on 'his' modifications after changes being
> persisted, we ([~djaeggi], [~chaotic] and [~anchela]) thought that it would
> be beneficial to have a configuration option in Oak that allows certain
> system users to impersonate regular users irrespective on the
> {{rep:impersonators}} properties present with those users.
> [~fmeschbe] additionally proposed to allow for a configuration that not only
> states the name(s) of the service users but also limits the sudo-rights to
> members of a certain group: for example the impersonation ability of a
> potential system user "impersonate-content-authors" could be limited to
> impersonate members of the "content-authors" group.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
