sling-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nate Angell <nang...@rsmart.com>
Subject Re: additional sudoers?
Date Tue, 28 Feb 2012 02:00:05 GMT
In my explorations, I was looking at things like:

http://dev.day.com/discussion-groups/content/lists/sling-dev/2010-01/2010-01-19__jira_Created__SLING_1291_Set_id_of_impersonating_user_as_session_attribute_of_impersonated_session.html

http://comments.gmane.org/gmane.comp.apache.sling.devel/13621

And I swear on a stack of bibles I learned how to use sudo from sling,
but now can not find the original doc/hint I followed ;(

= ate


On Mon, Feb 27, 2012 at 4:41 PM, Ian Boston <ieb@tfd.co.uk> wrote:
> That looks exactly like the way Sling is supposed to work. What makes
> me puzzled is I cant find anywhere in the standard Sling code base
> that binds to the the sudo parameter, or the sling.sudo cookie
> although both are defined. Perfectly possible I am not looking hard
> enough.
>
> Ian
>
> On 28 February 2012 11:29, Nate Angell <nangell@rsmart.com> wrote:
>> To sudo, you authenticate as the "root" admin user and navigate to
>> something of the form as folows to sudo as, in this case, the user
>> "xolotl".
>>
>> http://localhost:8080/?sudo=xolotl
>>
>> Which sets a cookie named "sling.sudo"
>>
>> Name:   sling.sudo
>> Content:        "\"xolotl\""
>> Domain: localhost
>> Path:   /
>> Send For:       Any kind of connection
>> Accessible to Script:   Yes
>> Created:        Monday, February 27, 2012 4:25:04 PM
>> Expires:        When I quit my browser
>>
>> I originally discovered this method in some Sling documentation that
>> for some reason I'm now unable to find ;)
>>
>> = nate
>>
>> On Mon, Feb 27, 2012 at 2:04 PM, Ian Boston <ieb@tfd.co.uk> wrote:
>>> On 28 February 2012 05:27, Nate Angell <nangell@rsmart.com> wrote:
>>>> Thanks for helping think this through Ian...I certainly wouldn't
>>>> presume to tell you how the system you wrote behaves ;)
>>>
>>> hey, no problem. You must tell me how it behaves, most of the time it
>>> misbehaves :)
>>>
>>>>
>>>> My experiments show that when one impersonates a user, and then
>>>> creates a Sakai OAE doc while impersonating, the following values
>>>> associated with that document are aligned with the user being
>>>> impersonated (in this example the admin user was impersonating the
>>>> xolotl user):
>>>>
>>>> {
>>>>    "_created": 1330366895100,
>>>>    "_createdBy": "admin",
>>>>    "_id": "4YnjwGFvEeGYOZaTCgABEA+",
>>>>    "_lastModified": 1330366896495,
>>>>    "_lastModifiedBy": "xolotl",
>>>
>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>>
>>> That proves it works !
>>>
>>> Out of interest, how are you performing the sudo and what cookies do
>>> you see in the client once you have sudoed ?
>>>
>>> Ian

Mime
View raw message