jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Munteanu (Jira)" <j...@apache.org>
Subject [jira] [Commented] (OAK-9047) Make the DefaultAuthorizableActionProvider require a configuration
Date Mon, 04 May 2020 13:42:00 GMT

    [ https://issues.apache.org/jira/browse/OAK-9047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17098938#comment-17098938

Robert Munteanu commented on OAK-9047:

IIUC the root problem is that start components before configurations are applied. If we apply
this policy to the SecurityProviderRegistration, it will only activate once the configurations
are applied. It may be that I am wrong, I experimented this this some months ago.

[~angela] - the BC breakage is that existing deployments will need to add an explicit configuration,
even if using the default values for the SecurityProviderRegistration.

> Make the DefaultAuthorizableActionProvider require a configuration
> ------------------------------------------------------------------
>                 Key: OAK-9047
>                 URL: https://issues.apache.org/jira/browse/OAK-9047
>             Project: Jackrabbit Oak
>          Issue Type: Improvement
>          Components: security-spi
>            Reporter: Konrad Windszus
>            Priority: Major
> Currently configuring the {{DefaultAuthorizableActionProvider}} leads to restart of the
Oak repository in the context of https://issues.apache.org/jira/browse/SLING-7811?focusedCommentId=16573171&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16573171.

> It would make sense to only start the service https://github.com/apache/jackrabbit-oak/blob/1f90e8c632868e658cc60b95bc5ec49182c4e173/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProvider.java#L45
once a mandatory configuration is in place.

This message was sent by Atlassian Jira

View raw message