[
https://issues.apache.org/jira/browse/SLING-1534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12873780#action_12873780
]
Justin Edelson commented on SLING-1534:
---------------------------------------
> I'm not sure if we have cases where the user from the authinfo is different
> from the user of the session *and* if in these cases, the
> session user should be used?
The only case I can think of (and the reason for the TODO comment) is the
anonymous case where authinfo is null. So I think going back to the
ResourceResolver/Session is the best thing to do.
I haven't had a chance to apply this patch; will do so in the next day.
> switch SlingAuthenticator to use ResourceResolverFactory API rather than JCR
> directory
> --------------------------------------------------------------------------------------
>
> Key: SLING-1534
> URL: https://issues.apache.org/jira/browse/SLING-1534
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Justin Edelson
> Fix For: Commons Auth 1.0.0
>
> Attachments: SLING-1534.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
