Re: [jira] [Created] (SLING-2762) AbstractSlingRepository#login violates JCR spec

2013-03-04 Thread Felix Meschberger
Hi,

On 01.03.2013 at 17:29, Angela Schreiber wrote:

 hi felix
 
 that makes sense. in general i would suggest to consistently use
 GuestCredentials and get rid of the jr-core-null workaround that
 in fact relies on a comfortable but somewhat incorrect
 implementation detail...

Not having GuestCredentials, our use of the anonymous credentials was in fact 
done to prevent using the jr-core-null side effect. But GuestCredentials is 
better for sure.

 
 hope that helps

Sure does ;-)

Regards
Felix

 angela
 
 On 3/1/13 11:29 AM, Felix Meschberger wrote:
 Hi
 
 Yes, we assume this under the backwards compatibility umbrella. IIRC 
 Jackrabbit supported the null-argument in this way, too. So we just made it 
 explicit.
 
 What we might want to change, though, is to use JCR 2 GuestCredentials 
 instead of doing our own anonymous login stuff and thus get rid of the 
 PluggableLoginModule for anonymous access.
 
 we could also improve a bit by checking for an access control context:
 
 if (credentials == null) {
     if (hasAccessControlContext() && hasSubject()) {
         // assume external authentication
     } else {
         // assume backwards compatibility anon login
         credentials = new GuestCredentials();
     }
 }
 
 
 WDYT ?
 
 Regards
 Felix
 
 On 01.03.2013 at 10:43, Antonio Sanso (JIRA) wrote:
 
 Antonio Sanso created SLING-2762:
 
 
 Summary: AbstractSlingRepository#login violates JCR spec
 Key: SLING-2762
 URL: https://issues.apache.org/jira/browse/SLING-2762
 Project: Sling
  Issue Type: Bug
  Components: JCR
Reporter: Antonio Sanso
 
 
 AbstractSlingRepository#login seems to violate the javax.jcr.Repository 
 spec.
 
 The API [0] says
 
  If credentials is null, it is assumed that authentication is handled by a 
 mechanism external to the repository itself (for example, through the JAAS 
 framework) and that the repository implementation exists within a context 
 (for example, an application server) that allows it to handle authorization 
 of the request for access to the specified workspace.
 
 while the implementation looks like
 
 {code}
 ...
 if (credentials == null) {
     credentials = getAnonCredentials(this.anonUser);
 }
 ...
 {code}
 
 
 [0] 
 http://www.day.com/maven/jsr170/javadocs/jcr-2.0/javax/jcr/Repository.html#login%28javax.jcr.Credentials,%20java.lang.String%29
 
 --
 This message is automatically generated by JIRA.
 If you think it was sent incorrectly, please contact your JIRA 
 administrators
 For more information on JIRA, see: http://www.atlassian.com/software/jira
 
 
 --
 Felix Meschberger | Principal Scientist | Adobe
 
 
 
 
 
 
 


--
Felix Meschberger | Principal Scientist | Adobe









Re: [jira] [Created] (SLING-2762) AbstractSlingRepository#login violates JCR spec

2013-03-01 Thread Felix Meschberger
Hi

Yes, we assume this under the backwards compatibility umbrella. IIRC 
Jackrabbit supported the null-argument in this way, too. So we just made it 
explicit.

What we might want to change, though, is to use JCR 2 GuestCredentials instead 
of doing our own anonymous login stuff and thus get rid of the 
PluggableLoginModule for anonymous access.

we could also improve a bit by checking for an access control context:

 if (credentials == null) {
     if (hasAccessControlContext() && hasSubject()) {
         // assume external authentication
     } else {
         // assume backwards compatibility anon login
         credentials = new GuestCredentials();
     }
 }
 

WDYT ?

Regards
Felix

On 01.03.2013 at 10:43, Antonio Sanso (JIRA) wrote:

 Antonio Sanso created SLING-2762:
 
 
 Summary: AbstractSlingRepository#login violates JCR spec
 Key: SLING-2762
 URL: https://issues.apache.org/jira/browse/SLING-2762
 Project: Sling
  Issue Type: Bug
  Components: JCR
Reporter: Antonio Sanso
 
 
 AbstractSlingRepository#login seems to violate the javax.jcr.Repository spec.
 
 The API [0] says
 
  If credentials is null, it is assumed that authentication is handled by a 
 mechanism external to the repository itself (for example, through the JAAS 
 framework) and that the repository implementation exists within a context 
 (for example, an application server) that allows it to handle authorization 
 of the request for access to the specified workspace.
 
 while the implementation looks like
 
 {code}
 ...
 if (credentials == null) {
     credentials = getAnonCredentials(this.anonUser);
 }
 ...
 {code}
 
 
 [0] 
 http://www.day.com/maven/jsr170/javadocs/jcr-2.0/javax/jcr/Repository.html#login%28javax.jcr.Credentials,%20java.lang.String%29
 


--
Felix Meschberger | Principal Scientist | Adobe
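
Added example (not part of the thread and not Sling's code): one way to write the null-credentials decision discussed above, using the JAAS Subject on the calling thread as the sign of external authentication. The class and method names are hypothetical, the Subject lookup stands in for the `hasAccessControlContext()` / `hasSubject()` helpers named in the message, and the JCR 2.0 API jar is assumed to be on the classpath.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.jcr.Credentials;
import javax.jcr.GuestCredentials;
import javax.security.auth.Subject;

// Hypothetical helper: decides what a login(null, workspace) call should mean.
public class NullCredentialsPolicy {

    // True when the calling thread runs with a JAAS Subject attached.
    // Deprecated on newer JDKs, where Subject.current() replaces this lookup.
    @SuppressWarnings("removal")
    static boolean hasExternalSubject() {
        return Subject.getSubject(AccessController.getContext()) != null;
    }

    // Returns the credentials to pass to the underlying repository.
    // null is passed through only when a Subject shows external authentication.
    static Credentials resolve(Credentials credentials) {
        if (credentials != null) {
            return credentials;          // caller was explicit, nothing to decide
        }
        if (hasExternalSubject()) {
            return null;                 // JCR spec case: authentication handled outside
        }
        return new GuestCredentials();   // backwards-compatible anonymous login, made explicit
    }

    private static String describe(Credentials c) {
        return c == null ? "null (external authentication)" : c.getClass().getSimpleName();
    }

    @SuppressWarnings("removal")
    public static void main(String[] args) {
        // No Subject on this thread: null is turned into an explicit guest login.
        System.out.println("plain call  -> " + describe(resolve(null)));

        // Constructed Subject standing in for a container-authenticated caller.
        Subject authenticated = new Subject();
        Credentials inside = Subject.doAs(authenticated,
                (PrivilegedAction<Credentials>) () -> resolve(null));
        System.out.println("inside doAs -> " + describe(inside));
    }
}
```

The point of returning `GuestCredentials` rather than a configured anonymous user is that the guest decision stays visible to the repository's own login chain instead of being hidden behind a null argument.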









Re: [jira] [Created] (SLING-2762) AbstractSlingRepository#login violates JCR spec

2013-03-01 Thread Angela Schreiber

hi felix

that makes sense. in general i would suggest to consistently use
GuestCredentials and get rid of the jr-core-null workaround that
in fact relies on a comfortable but somewhat incorrect
implementation detail...

hope that helps
angela

On 3/1/13 11:29 AM, Felix Meschberger wrote:

Hi

Yes, we assume this under the backwards compatibility umbrella. IIRC 
Jackrabbit supported the null-argument in this way, too. So we just made it explicit.

What we might want to change, though, is to use JCR 2 GuestCredentials instead 
of doing our own anonymous login stuff and thus get rid of the 
PluggableLoginModule for anonymous access.

we could also improve a bit by checking for an access control context:


if (credentials == null) {
    if (hasAccessControlContext() && hasSubject()) {
        // assume external authentication
    } else {
        // assume backwards compatibility anon login
        credentials = new GuestCredentials();
    }
}



WDYT ?

Regards
Felix

On 01.03.2013 at 10:43, Antonio Sanso (JIRA) wrote:


Antonio Sanso created SLING-2762:


 Summary: AbstractSlingRepository#login violates JCR spec
 Key: SLING-2762
 URL: https://issues.apache.org/jira/browse/SLING-2762
 Project: Sling
  Issue Type: Bug
  Components: JCR
Reporter: Antonio Sanso


AbstractSlingRepository#login seems to violate the javax.jcr.Repository spec.

The API [0] says

 If credentials is null, it is assumed that authentication is handled by a 
mechanism external to the repository itself (for example, through the JAAS framework) and 
that the repository implementation exists within a context (for example, an application 
server) that allows it to handle authorization of the request for access to the specified 
workspace.

while the implementation looks like

{code}
...
if (credentials == null) {
    credentials = getAnonCredentials(this.anonUser);
}
...
{code}


[0] 
http://www.day.com/maven/jsr170/javadocs/jcr-2.0/javax/jcr/Repository.html#login%28javax.jcr.Credentials,%20java.lang.String%29




--
Felix Meschberger | Principal Scientist | Adobe