[jira] [Created] (SLING-10094) Update embedded version of xalan

Antonio Sanso created SLING-10094: - Summary: Update embedded version of xalan Key: SLING-10094 URL: https://issues.apache.org/jira/browse/SLING-10094 Project: Sling Issue Type: Task

[jira] [Commented] (SLING-9418) Usage of SHA-256 is insecure

[ https://issues.apache.org/jira/browse/SLING-9418?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17101654#comment-17101654 ] Antonio Sanso commented on SLING-9418: -- [~mahir.kabir] i resolved as invalid. Feel free to reopen

[jira] [Resolved] (SLING-9418) Usage of SHA-256 is insecure

[ https://issues.apache.org/jira/browse/SLING-9418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-9418. -- Resolution: Invalid > Usage of SHA-256 is insec

[jira] [Commented] (SLING-9418) Usage of SHA-256 is insecure

[ https://issues.apache.org/jira/browse/SLING-9418?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17101506#comment-17101506 ] Antonio Sanso commented on SLING-9418: -- [~stefanegli] I do not think the salt applie to this case

[jira] [Commented] (SLING-8838) Add HEAD support to ContentDispositionFilter

[ https://issues.apache.org/jira/browse/SLING-8838?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17012616#comment-17012616 ] Antonio Sanso commented on SLING-8838: -- [~rombert] I do not see why not... > Add HEAD supp

[jira] [Updated] (SLING-8775) java.lang.StackOverflowError in XSSAPI.getValidHref

[ https://issues.apache.org/jira/browse/SLING-8775?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-8775: - Description: The regex pattern in XSSAPI.getValidHref may cause StackOverflowError . try

[jira] [Created] (SLING-8775) java.lang.StackOverflowError in XSSAPI.getValidHref

Antonio Sanso created SLING-8775: Summary: java.lang.StackOverflowError in XSSAPI.getValidHref Key: SLING-8775 URL: https://issues.apache.org/jira/browse/SLING-8775 Project: Sling Issue Type

[jira] [Resolved] (SLING-8405) Improve Encoding in the Logger WebConsolePlugin

[ https://issues.apache.org/jira/browse/SLING-8405?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-8405. -- Resolution: Invalid > Improve Encoding in the Logger WebConsolePlu

Re: [DISCUSS] Remove webconsole obr integration

+1 on removing this! Thanks Karl antonio On 5/7/19, 6:14 PM, "Robert Munteanu" wrote: On Tue, 2019-05-07 at 16:15 +0200, Karl Pauls wrote: > Hi, > > I was wondering whether we actually need to ship the webconsole obr > plugin as part of our starter distribution - is this

[jira] [Created] (SLING-8405) Improve Encoding in the Log WebConsolePlugin

Antonio Sanso created SLING-8405: Summary: Improve Encoding in the Log WebConsolePlugin Key: SLING-8405 URL: https://issues.apache.org/jira/browse/SLING-8405 Project: Sling Issue Type

[jira] [Updated] (SLING-8405) Improve Encoding in the Logger WebConsolePlugin

[ https://issues.apache.org/jira/browse/SLING-8405?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-8405: - Description: It would be good to improve the encoding in the Logger WebConsolePlugin

[jira] [Resolved] (SLING-8389) Improve Encoding in the Servlet WebConsolePlugin

[ https://issues.apache.org/jira/browse/SLING-8389?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-8389. -- Resolution: Invalid > Improve Encoding in the Servlet WebConsolePlu

[jira] [Updated] (SLING-8389) Improve Encoding in the Servlet WebConsolePlugin

[ https://issues.apache.org/jira/browse/SLING-8389?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-8389: - Fix Version/s: Servlets Resolver 2.5.6 > Improve Encoding in the Servlet WebConsolePlu

[jira] [Assigned] (SLING-8389) Improve Encoding in the Servlet WebConsolePlugin

[ https://issues.apache.org/jira/browse/SLING-8389?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso reassigned SLING-8389: Assignee: Antonio Sanso > Improve Encoding in the Servlet WebConsolePlu

[jira] [Resolved] (SLING-8403) Update composum.version to a newer version

[ https://issues.apache.org/jira/browse/SLING-8403?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-8403. -- Resolution: Fixed Fix Version/s: Starter 12 Fixed

[jira] [Created] (SLING-8403) Update composum.version to a newer version

Antonio Sanso created SLING-8403: Summary: Update composum.version to a newer version Key: SLING-8403 URL: https://issues.apache.org/jira/browse/SLING-8403 Project: Sling Issue Type: Task

[jira] [Created] (SLING-8389) Improve Encoding in the Servlet WebConsolePlugin

Antonio Sanso created SLING-8389: Summary: Improve Encoding in the Servlet WebConsolePlugin Key: SLING-8389 URL: https://issues.apache.org/jira/browse/SLING-8389 Project: Sling Issue Type

[jira] [Resolved] (SLING-8276) Improve the HtmlResponse template

[ https://issues.apache.org/jira/browse/SLING-8276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-8276. -- Resolution: Won't Fix > Improve the HtmlResponse templ

[jira] [Assigned] (SLING-6011) Register request listener through http whiteboard

[ https://issues.apache.org/jira/browse/SLING-6011?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso reassigned SLING-6011: Assignee: Carsten Ziegeler (was: Antonio Sanso) > Register request listener through h

[jira] [Assigned] (SLING-6011) Register request listener through http whiteboard

[ https://issues.apache.org/jira/browse/SLING-6011?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso reassigned SLING-6011: Assignee: Antonio Sanso (was: Carsten Ziegeler) > Register request listener through h

[jira] [Created] (SLING-8276) Improve the HtmlResponse template

Antonio Sanso created SLING-8276: Summary: Improve the HtmlResponse template Key: SLING-8276 URL: https://issues.apache.org/jira/browse/SLING-8276 Project: Sling Issue Type: Improvement

[jira] [Commented] (SLING-7436) Wrong content/type in the Default JSON Renderer

[ https://issues.apache.org/jira/browse/SLING-7436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16681033#comment-16681033 ] Antonio Sanso commented on SLING-7436: -- [~cziegeler] AFAIR the problem is not the content content

[jira] [Closed] (SLING-7933) Evaluate Referrer Filter also for anonymous users

[ https://issues.apache.org/jira/browse/SLING-7933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso closed SLING-7933. > Evaluate Referrer Filter also for anonymous us

[RESULT}[VOTE] Release Apache Sling Security 1.1.16

The vote passed with 4 binding +1s

Re: [VOTE] Release Apache Sling Security 1.1.16

My own +1 On 9/18/18, 11:54 AM, "Antonio Sanso" wrote: Hi, We solved 1 issue in this release: https://issues.apache.org/jira/browse/SLING-7933 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1985/ Y

[VOTE] Release Apache Sling Security 1.1.16

Hi, We solved 1 issue in this release: https://issues.apache.org/jira/browse/SLING-7933 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1985/ You can use this UNIX script to download the release and verify the signatures:

[jira] [Commented] (SLING-7933) Evaluate Referrer Filter also for anonymous users

[ https://issues.apache.org/jira/browse/SLING-7933?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16618772#comment-16618772 ] Antonio Sanso commented on SLING-7933: -- fixed in 0d85834b841fa3485679f3c03583cabac8346f9d

[jira] [Resolved] (SLING-7933) Evaluate Referrer Filter also for anonymous users

[ https://issues.apache.org/jira/browse/SLING-7933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-7933. -- Resolution: Fixed Fix Version/s: Security 1.1.14 > Evaluate Referrer Filter a

[jira] [Commented] (SLING-7933) Evaluate Referrer Filter also for anonymous users

[ https://issues.apache.org/jira/browse/SLING-7933?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16617638#comment-16617638 ] Antonio Sanso commented on SLING-7933: -- [~cziegeler] suggested a really simple fix . It is indeed

[jira] [Created] (SLING-7933) Evaluate Referrer Filter also for anonymous users

Antonio Sanso created SLING-7933: Summary: Evaluate Referrer Filter also for anonymous users Key: SLING-7933 URL: https://issues.apache.org/jira/browse/SLING-7933 Project: Sling Issue Type

[jira] [Resolved] (SLING-7857) Unclosed ResourceResolver in org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2

[ https://issues.apache.org/jira/browse/SLING-7857?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-7857. -- Resolution: Duplicate > Unclosed ResourceResol

[jira] [Commented] (SLING-7552) SlingPostServlet error handling still insufficient

[ https://issues.apache.org/jira/browse/SLING-7552?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16488820#comment-16488820 ] Antonio Sanso commented on SLING-7552: -- [~joerghoh] maybe a less invasive solution would be to change

[jira] [Comment Edited] (SLING-7552) SlingPostServlet error handling still insufficient

[ https://issues.apache.org/jira/browse/SLING-7552?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16488820#comment-16488820 ] Antonio Sanso edited comment on SLING-7552 at 5/24/18 11:30 AM: [~joerghoh

[jira] [Updated] (SLING-7631) Wrong log debug statement in ResourceResolverImpl

[ https://issues.apache.org/jira/browse/SLING-7631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-7631: - Fix Version/s: (was: Resource Resolver 1.6.0) Resource Resolver 1.6.2

[jira] [Resolved] (SLING-7631) Wrong log debug statement in ResourceResolverImpl

[ https://issues.apache.org/jira/browse/SLING-7631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-7631. -- Resolution: Fixed Fix Version/s: Resource Resolver 1.6.0 > Wrong log debug statem

[jira] [Commented] (SLING-7631) Wrong log debug statement in ResourceResolverImpl

[ https://issues.apache.org/jira/browse/SLING-7631?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16460578#comment-16460578 ] Antonio Sanso commented on SLING-7631: -- fixed in rev. 31d72ce..2a87d59 > Wrong log debug statem

[jira] [Updated] (SLING-7631) Wrong log debug statement in ResourceResolverImpl

[ https://issues.apache.org/jira/browse/SLING-7631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-7631: - Component/s: ResourceResolver > Wrong log debug statement in ResourceResolverI

[jira] [Assigned] (SLING-7631) Wrong log debug statement in ResourceResolverImpl

[ https://issues.apache.org/jira/browse/SLING-7631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso reassigned SLING-7631: Assignee: Antonio Sanso > Wrong log debug statement in ResourceResolverI

[jira] [Created] (SLING-7631) Wrong log debug statement in ResourceResolverImpl

Antonio Sanso created SLING-7631: Summary: Wrong log debug statement in ResourceResolverImpl Key: SLING-7631 URL: https://issues.apache.org/jira/browse/SLING-7631 Project: Sling Issue Type

Re: [VOTE] Release Apache Sling Resource Resolver 1.6.0

+1 regards antonio On Mar 19, 2018, at 12:25 PM, Carsten Ziegeler wrote: > Hi, > > We solved 1 issues in this release: > > https://issues.apache.org/jira/projects/SLING/versions/12342885 > > Staging repository: >

[jira] [Closed] (SLING-7525) Content-Type missing after applying the ContentDispositionFilter twice

[ https://issues.apache.org/jira/browse/SLING-7525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso closed SLING-7525. > Content-Type missing after applying the ContentDispositionFilter tw

[RESULT] [VOTE] Release Apache Sling Security 1.1.12

The vote passed with 4 binding +1s regards antonio

Re: [VOTE] Release Apache Sling Security 1.1.12

+1 On Mar 15, 2018, at 10:27 AM, Antonio Sanso <asa...@adobe.com> wrote: > Hi, > > We solved 1 issue in this release: > https://issues.apache.org/jira/browse/SLING-7525 > > Staging repository: > https://repository.apache.org/content/repositories/orgapachesling-1886/

Re: setting up for a release

hi Jason, this is (at least partially) covered in http://sling.apache.org/documentation/development/release-management.html#update-jira regards antonio From: Jason E Bailey Sent: Thursday, March 15, 2018 4:02:08 PM To: dev@sling.apache.org

[VOTE] Release Apache Sling Security 1.1.12

Hi, We solved 1 issue in this release: https://issues.apache.org/jira/browse/SLING-7525 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1886/ You can use this UNIX script to download the release and verify the signatures:

[jira] [Resolved] (SLING-7525) Content-Type missing after applying the ContentDispositionFilter twice

[ https://issues.apache.org/jira/browse/SLING-7525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-7525. -- Resolution: Fixed Fix Version/s: Security 1.1.12 fixed in  2cd13b2..8e37dda > Cont

[jira] [Commented] (SLING-7525) Content-Type missing after applying the ContentDispositionFilter twice

[ https://issues.apache.org/jira/browse/SLING-7525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16396924#comment-16396924 ] Antonio Sanso commented on SLING-7525: -- I can reproduce. Thanks a lot [~orlowska] > Content-T

Re: [ANN] New committer: David Bosschaert

+1 On Mar 9, 2018, at 12:52 PM, Stefan Seifert wrote: > welcome david! > > stefan > >> -Original Message- >> From: Carsten Ziegeler [mailto:cziege...@apache.org] >> Sent: Friday, March 9, 2018 10:36 AM >> To: Sling Developers >> Subject: [ANN] New committer:

[jira] [Assigned] (SLING-2759) Provide an OpenId Connect Authentication Handler

[ https://issues.apache.org/jira/browse/SLING-2759?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso reassigned SLING-2759: Assignee: (was: Antonio Sanso) > Provide an OpenId Connect Authentication Hand

[jira] [Commented] (SLING-2759) Provide an OpenId Connect Authentication Handler

[ https://issues.apache.org/jira/browse/SLING-2759?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16391416#comment-16391416 ] Antonio Sanso commented on SLING-2759: -- [~rombert] nop. Go for it :) > Provide an OpenId Conn

[jira] [Assigned] (SLING-7525) Content-Type missing after applying the ContentDispositionFilter twice

[ https://issues.apache.org/jira/browse/SLING-7525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso reassigned SLING-7525: Assignee: Antonio Sanso > Content-Type missing after applying the ContentDispositionFil

[jira] [Updated] (SLING-7436) Wrong content/type in the Default JSON Renderer

[ https://issues.apache.org/jira/browse/SLING-7436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-7436: - Description: Steps to reproduce: 1.Render a page (Renderer enabled) with JSON renderer. E.g

[jira] [Updated] (SLING-7436) Wrong content/type in the Default JSON Renderer

[ https://issues.apache.org/jira/browse/SLING-7436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-7436: - Description: Steps to reproduce: 1.Render a page (Renderer enabled) with JSON renderer. E.g

[jira] [Created] (SLING-7436) Wrong content/type in the Default JSON Renderer

Antonio Sanso created SLING-7436: Summary: Wrong content/type in the Default JSON Renderer Key: SLING-7436 URL: https://issues.apache.org/jira/browse/SLING-7436 Project: Sling Issue Type

CVE-2017-15700 - Apache Sling Authentication Service vulnerability

Severity: High Vendor: The Apache Software Foundation Versions Affected: Apache Sling Authentication Service 1.4.0 Description: A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method allows an attacker, through the Sling login form, to trick a victim to send over their

[jira] [Updated] (SLING-7157) metatype.properties file must not be in OSGI-INF/metatype

[ https://issues.apache.org/jira/browse/SLING-7157?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-7157: - Fix Version/s: (was: Auth Core 1.4.2) Auth Core 1.4.4

[jira] [Closed] (SLING-7243) Improve validation in AuthUtil.isRedirectValid

[ https://issues.apache.org/jira/browse/SLING-7243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso closed SLING-7243. > Improve validation in AuthUtil.isRedirectVa

[RESULT][VOTE] Release Apache Sling Authentication Service 1.4.2

the vote passed with 4 binding +1s

Re: [VOTE] Release Apache Sling Authentication Service 1.4.2

+1 On Dec 15, 2017, at 8:13 AM, Antonio Sanso <asa...@adobe.com.INVALID> wrote: > Hi, > > We solved 1 issue in this release: > > https://issues.apache.org/jira/browse/SLING-7243 > > Staging repository: > https://repository.apache.org/content/repositories/orgapac

[VOTE] Release Apache Sling Authentication Service 1.4.2

Hi, We solved 1 issue in this release: https://issues.apache.org/jira/browse/SLING-7243 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1837/ You can use this UNIX script to download the release and verify the signatures:

[jira] [Resolved] (SLING-7243) Improve validation in AuthUtil.isRedirectValid

[ https://issues.apache.org/jira/browse/SLING-7243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-7243. -- Resolution: Fixed Fix Version/s: Auth Core 1.4.2 > Improve validat

[jira] [Commented] (SLING-7243) Improve validation in AuthUtil.isRedirectValid

[ https://issues.apache.org/jira/browse/SLING-7243?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16292129#comment-16292129 ] Antonio Sanso commented on SLING-7243: -- fixed in 015fe58b22e0625e9d88b687de50303db539482b > Impr

Re: value level encryption - Donating?

support should alleviate some > concerns as well. > > -Jason > > -Original Message- > From: Antonio Sanso [mailto:asa...@adobe.com.INVALID] > Sent: Tuesday, November 21, 2017 5:37 AM > To: dev@sling.apache.org > Subject: Re: value level encryption - Donating? >

Re: [VOTE] Release Apache Sling Resource Resolver 1.5.32

+1 On Nov 24, 2017, at 1:24 PM, Karl Pauls wrote: > I would like to call a vote on the following release, > > Apache Sling Resource Resolver 1.5.32 > > We solved 3 issue in this release: > https://issues.apache.org/jira/projects/SLING/versions/12341241 > > Staging

Re: [git] Retiring the old github.com/sling project

+1 On Nov 23, 2017, at 10:30 AM, Robert Munteanu wrote: > Hi, > > We discussed the 'old' github.com/sling mirror on and off, but never > reached a conclusion. > > Based on previous emails, I proposed that we: > > - rename sling to sling-archive. Github will generate

Re: value level encryption - Donating?

changing it, I'm having a lot of fun with > this. > > To make sure I'm on the same page. The direction right now is > AES/CBC/PKCS5Padding but with encrypt and MAC? > > -Original Message- > From: Antonio Sanso [mailto:asa...@adobe.com.INVALID] > S

Re: value level encryption - Donating?

default). An overall observation would be also that given the sensitive topic it would be good to have a more extensive test suite for this feature… my 2 cents regards antonio > > -----Original Message- > From: Antonio Sanso [mailto:asa...@adobe.com.INVALID] > Sent:

Re: value level encryption - Donating?

hi Jason, thanks a lot for the donation. I already commented on the issue, just pasting inline part of the comment though On Nov 20, 2017, at 2:50 PM, Jason Bailey wrote: > So I'm just about done implementing this. > > https://github.com/JEBailey/sling-encrypt > > Value

[jira] [Commented] (SLING-7255) Donating Sling Resource Encryption Utils

[ https://issues.apache.org/jira/browse/SLING-7255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16259339#comment-16259339 ] Antonio Sanso commented on SLING-7255: -- [~jebailey] thanks for your donation. Without going to deep

[jira] [Updated] (SLING-7244) Correct require capability for http whiteboard

[ https://issues.apache.org/jira/browse/SLING-7244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso updated SLING-7244: - Fix Version/s: (was: Security 1.1.8) Security 1.1.10 > Correct requ

[jira] [Closed] (SLING-7219) Add scope forward to ContentDispositionFilter

[ https://issues.apache.org/jira/browse/SLING-7219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso closed SLING-7219. > Add scope forward to ContentDispositionFil

[RESULT][VOTE] Release Apache Sling Security 1.1.8

The vote passed with 4 binding +1s regards antonio

Re: [ANN] New Apache Sling PMC Chair: Robert Munteanu

+1 On Nov 16, 2017, at 3:27 PM, Karl Pauls wrote: > +1 > > Congrats Robert! > > regards, > > Karl > > On Thu, Nov 16, 2017 at 3:25 PM, Carsten Ziegeler > wrote: >> Hi, >> >> it's my pleasure to announce that Robert took up the role as our new PMC

Re: [VOTE] Release Apache Sling Security 1.1.8

+1 On Nov 15, 2017, at 2:20 PM, Antonio Sanso <asa...@adobe.com.INVALID> wrote: > Hi, > > We solved 2 issues in this release: > https://issues.apache.org/jira/projects/SLING/versions/12341288 > > Staging repository: > https://repository.apache.org/content/repos

Re: [VOTE] Release Apache Sling JCR Davex 1.3.10

+1 On Nov 16, 2017, at 1:07 PM, Karl Pauls wrote: > I would like to call a vote on the following release, > > Apache Sling JCR Davex 1.3.10 > > We solved 2 issue in this release: > https://issues.apache.org/jira/projects/SLING/versions/12339343 > > Staging repository: >

[jira] [Created] (SLING-7243) Improve validation in AuthUtil.isRedirectValid

Antonio Sanso created SLING-7243: Summary: Improve validation in AuthUtil.isRedirectValid Key: SLING-7243 URL: https://issues.apache.org/jira/browse/SLING-7243 Project: Sling Issue Type: Bug

[VOTE] Release Apache Sling Security 1.1.8

Hi, We solved 2 issues in this release: https://issues.apache.org/jira/projects/SLING/versions/12341288 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1811/ You can use this UNIX script to download the release and verify the signatures:

Re: value level encryption

hi Jason, leaving aside the API design for a second and focusing on the mere crypto. I would really be careful on what you are defining as default. AES ECB is almost = to no encryption. Same as providing a fixed IV… just saying….. regards antonio On Nov 10, 2017, at 9:53 PM, Jason Bailey

Re: [VOTE] Release Apache Sling API 2.16.4, JCR Resource Resolver 3.0.6, Default GET Servlets 2.1.29

+1 On Nov 2, 2017, at 5:49 PM, Ian Boston wrote: > Hi, > > I would like to call a vote on the following release, > > Apache Sling API 2.16.4 > Apache Sling JCR Resource Resolver 3.0.6 > Apache Sling Default GET Servlets 2.1.29 > > We solved 11 issue in this release: >

Re: [VOTE] Release Apache Sling Service User Mapper 1.3.6

+1 On Nov 2, 2017, at 5:15 PM, Karl Pauls wrote: > I would like to call a vote on the following release, > > Apache Sling Service User Mapper 1.3.6 > > We solved 2 issue in this release: > https://issues.apache.org/jira/projects/SLING/versions/12341841 > > Staging

[jira] [Resolved] (SLING-7219) Add scope forward to ContentDispositionFilter

[ https://issues.apache.org/jira/browse/SLING-7219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-7219. -- Resolution: Fixed Fix Version/s: Security 1.1.8 > Add scope forw

[jira] [Commented] (SLING-7219) Add scope forward to ContentDispositionFilter

[ https://issues.apache.org/jira/browse/SLING-7219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=1687#comment-1687 ] Antonio Sanso commented on SLING-7219: -- resolved in 6807642..640ae29 > Add scope forw

[jira] [Commented] (SLING-7218) NPE in org.apache.sling.security.impl.ContentDispositionFilter#activate

[ https://issues.apache.org/jira/browse/SLING-7218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16221908#comment-16221908 ] Antonio Sanso commented on SLING-7218: -- [~kwin] this seems has been introduced in SLING-6316. Before

[jira] [Created] (SLING-7219) Add scope forward to ContentDispositionFilter

Antonio Sanso created SLING-7219: Summary: Add scope forward to ContentDispositionFilter Key: SLING-7219 URL: https://issues.apache.org/jira/browse/SLING-7219 Project: Sling Issue Type

[jira] [Assigned] (SLING-7218) NPE in org.apache.sling.security.impl.ContentDispositionFilter#activate

[ https://issues.apache.org/jira/browse/SLING-7218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso reassigned SLING-7218: Assignee: Antonio Sanso > NPE in org.apache.sling.security.impl.ContentDispositionFil

[jira] [Created] (SLING-7218) NPE in org.apache.sling.security.impl.ContentDispositionFilter#activate

Antonio Sanso created SLING-7218: Summary: NPE in org.apache.sling.security.impl.ContentDispositionFilter#activate Key: SLING-7218 URL: https://issues.apache.org/jira/browse/SLING-7218 Project: Sling

[jira] [Resolved] (SLING-7152) Unclosed ResourceResolver in org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2

[ https://issues.apache.org/jira/browse/SLING-7152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso resolved SLING-7152. -- Resolution: Duplicate > Unclosed ResourceResol

[jira] [Commented] (SLING-7152) Unclosed ResourceResolver in org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2

[ https://issues.apache.org/jira/browse/SLING-7152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16189410#comment-16189410 ] Antonio Sanso commented on SLING-7152: -- [~cziegeler] of course you are right :S how about this other

[jira] [Commented] (SLING-7152) Unclosed ResourceResolver in org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2

[ https://issues.apache.org/jira/browse/SLING-7152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16188115#comment-16188115 ] Antonio Sanso commented on SLING-7152: -- {code} Index: src/main/java/org/apache/sling/extensions

[jira] [Created] (SLING-7152) Unclosed ResourceResolver in org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2

Antonio Sanso created SLING-7152: Summary: Unclosed ResourceResolver in org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2 Key: SLING-7152 URL: https

[jira] [Assigned] (SLING-7152) Unclosed ResourceResolver in org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2

[ https://issues.apache.org/jira/browse/SLING-7152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso reassigned SLING-7152: Assignee: Antonio Sanso > Unclosed ResourceResol

Re: Mappings and Authentication

hi Lars, thanks a lot for your mail. FWIW this was already discussed in https://issues.apache.org/jira/browse/SLING-6394 regards antonio On Sep 21, 2017, at 10:39 AM, Lars Krapf wrote: > Hello list > > IIUC the Sling Authenticator chooses an authentication

Re: [VOTE] Release Apache Sling Security 1.1.6

+1 On Aug 4, 2017, at 2:47 PM, Carsten Ziegeler wrote: > Hi, > We solved 1 issues in this release: > > https://issues.apache.org/jira/browse/SLING-7030 > > Staging repository: > https://repository.apache.org/content/repositories/orgapachesling-1762/ > You can use this

ANN] New Apache Sling committer: Simone Tripodi

Hi *, Please welcome Simone Tripodi as a new committer of the Apache Sling project. The Apache Sling PMC recently decided to offer Simone committership based on his contributions. I'm happy to announce that he accepted the offer. Welcome to the team, Simo! @Simo if you want to honor the old

Re: [VOTE] Release Apache Sling Resource Resolver 1.5.26

+1 On Jul 5, 2017, at 4:04 PM, Karl Pauls wrote: > I would like to call a vote on the following release, > > Apache Sling Resource Resolver 1.5.26 > > We solved 1 issue in this release: > https://issues.apache.org/jira/projects/SLING/versions/12340514 > > Staging

Re: RTC - Add IMS Provider to AEM quickstart

hi guys, yeah sorry for the noise :( regards antonio On Jul 3, 2017, at 10:11 AM, Ian Boston <i...@tfd.co.uk> wrote: > Hi Antonio, > Wrong list perhaps ? > Best Regards > Ian > > On 3 July 2017 at 08:16, Antonio Sanso <asa...@adobe.com.invalid> wrote: > >

RTC - Add IMS Provider to AEM quickstart

please cast your vote: JIRA issue: https://jira.corp.adobe.com/browse/GRANITE-15927 Github repository: https://git.corp.adobe.com/Granite/com.adobe.granite.auth.ims Wiki: https://wiki.corp.adobe.com/display/~asanso/AEM+Managed+Services+IMS+Authentication+Support regards antonio

[jira] [Closed] (SLING-6972) Add a request attribute in the SlingAuthenticator containing the list of request URI suffixes handled by the default authenticator

[ https://issues.apache.org/jira/browse/SLING-6972?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Antonio Sanso closed SLING-6972. > Add a request attribute in the SlingAuthenticator containing the list of > request URI su

[RESULT] [VOTE] Release Apache Sling Authentication Service

The vote passed with 4 binding and 1 not binding +1s

[jira] [Commented] (SLING-6957) Failing tests when updating version of org.apache.sling.serviceusermapper to 1.3.2

[ https://issues.apache.org/jira/browse/SLING-6957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16067838#comment-16067838 ] Antonio Sanso commented on SLING-6957: -- see also SLING-5667 > Failing tests when updating vers

  1   2   3   4   5   6   7   8   9   10   >