2014-03-17 8:38 GMT-07:00 Mike Müller mike...@mysign.ch:
Hi
I think this is insecure by design and not correct:
The problem is not, that we do grant access if no ResourceAccessGate is
registered for application context. The problem is, that we grant access
also if there is a
Hi,
On Tue, Mar 18, 2014 at 8:48 AM, Mike Müller mike...@mysign.ch wrote:
... Maybe it would make sense to rename the DONTCARE to CANTDECIDE which would
explain the mechanism better
I'm only half-following those discussions - do we have a single place
which explains how the RAG works?
As
[
https://issues.apache.org/jira/browse/SLING-585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13939073#comment-13939073
]
Konrad Windszus commented on SLING-585:
---
The original request was about including
[
https://issues.apache.org/jira/browse/SLING-585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13939104#comment-13939104
]
Justin Edelson commented on SLING-585:
--
[~kwin] I think you're looking for the
Marius Petria created SLING-3458:
Summary: Restrictions imposed by ProviderResourceAccessSecurity
should not be discarded by ApplicationResourceAccessSecurity
Key: SLING-3458
URL:
[
https://issues.apache.org/jira/browse/SLING-3458?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marius Petria updated SLING-3458:
-
Attachment: SLING-3458.patch
I have updated the ResourceResolver to use the value returned by
I created an issue to fix the initial problem encountered by Mike [1].
The issue was that an explicit application scoped gate was needed to deny
update access even if the access was denied by a provider scoped gate. That
problem was captured in a test [2].
WDYT?
Marius
[1]
Konrad Windszus created SLING-3459:
--
Summary: sling:call should not log exceptions with the full
stacktrace
Key: SLING-3459
URL: https://issues.apache.org/jira/browse/SLING-3459
Project: Sling
[
https://issues.apache.org/jira/browse/SLING-3459?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Konrad Windszus updated SLING-3459:
---
Description:
Currently within the sling:call tag all exceptions are both logged on error
[
https://issues.apache.org/jira/browse/SLING-3456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13939267#comment-13939267
]
Tommaso Teofili commented on SLING-3456:
Thanks Marius, I've applied a slightly
[
https://issues.apache.org/jira/browse/SLING-3456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13939286#comment-13939286
]
Tommaso Teofili edited comment on SLING-3456 at 3/18/14 2:39 PM:
[
https://issues.apache.org/jira/browse/SLING-3456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tommaso Teofili resolved SLING-3456.
Resolution: Fixed
Assignee: Tommaso Teofili
fixed in r15789[10,11,18,25,26]
Create
Hi Justin,
thanks for your answer. What about if I come up with a patch for additional
annotations like
@InjectSlingValue and @InjectOsgiService
which are just another way of annotating fields/methods and combine logically
both the Inject and the Source. In case of InjectOsgiService one could
Justin Edelson created SLING-3460:
-
Summary: Internal refactoring to better support meta-annotations
Key: SLING-3460
URL: https://issues.apache.org/jira/browse/SLING-3460
Project: Sling
Hi Konrad,
I don't know about those names (@InjectSlingValue specifically -
what's a Sling Value?), but I think making @Inject work via
meta-annotations make sense. That support already exists for @Source,
would just need to be extended to work with @Inject as well. I just
did a little refactoring
Hi Justin,
great. Thanks a lot for that fix. What do you think of the following
annotations:
@SlingProperty (implies @Inject and @Source(“valuemap”))
@OsgiService (implies @Inject and @Source(“osgi-service”))
@SlingChildResource (implies @Inject and @Source(“child-resource”))
In my regard they
Hi Konrad,
How about just @Property and @ChildResource ? As with the @Model
annotation, I don't see a reason to add sling as it is already in
the package name.
@Property has overlap with SCR annotations, but I can't think of a
reason you would have them in the same class (and in any case, that's
Hi,
The vote has passed with the following result :
+1 (binding): Justin Edelson, Bertrand Delacretaz, and Carsten Ziegler
I will copy this release to the Sling dist directory and
promote the artifacts to the central Maven repository.
Regards,
Justin Edelson
Mike Müller created SLING-3461:
--
Summary: Add documentation for bundle resourceaccesssecurity
Key: SLING-3461
URL: https://issues.apache.org/jira/browse/SLING-3461
Project: Sling
Issue Type:
From: Bertrand Delacretaz [mailto:bdelacre...@apache.org]
Subject: Re: [RT] Make ResourceAccessSecurity always restrict access if
installed and no ResourceAccessGate present
Hi,
On Tue, Mar 18, 2014 at 8:48 AM, Mike Müller mike...@mysign.ch wrote:
... Maybe it would make sense to rename
Mike Müller created SLING-3462:
--
Summary: Make ResourceAccessSecurity provider context and
application context behave the same way
Key: SLING-3462
URL: https://issues.apache.org/jira/browse/SLING-3462
...snipsnap
Ok, I see your point and yes, partially this is related to the name
DONTCARE. I'm fine with renaming it to CANTDECIDE and then implementing
it the way you suggest :)
Regards
Carsten
Okay, created SLING-3462.
Best regards
mike
[
https://issues.apache.org/jira/browse/SLING-3458?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13939697#comment-13939697
]
Mike Müller commented on SLING-3458:
The issue I described in [1], can be solved by
[
https://issues.apache.org/jira/browse/SLING-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Müller updated SLING-3462:
---
Description:
The problem was described and discussed in [1].
GateResult.DONTCARE should be renamed
[
https://issues.apache.org/jira/browse/SLING-3458?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Müller reassigned SLING-3458:
--
Assignee: Mike Müller
Restrictions imposed by ProviderResourceAccessSecurity should not be
[
https://issues.apache.org/jira/browse/SLING-3017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oliver Lietz updated SLING-3017:
Description:
- separate testing support and test into own packages and jars
- use Maven Failsafe
26 matches
Mail list logo