[
https://issues.apache.org/jira/browse/SLING-1670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12900608#action_12900608
]
Felix Meschberger commented on SLING-1670:
------------------------------------------
Actually the API was introduced in Web Console 3.1 and it is limited in that
the service is provided with user name and password and has to return an
identifying object. Internally the Web Console still uses HTTP Basic
authentication.
Thus the solution for Sling is to use the provided user name and password to
login to repository and apply a few checks.
> Implement WebConsoleSecurityProvider using Auth Core
> ----------------------------------------------------
>
> Key: SLING-1670
> URL: https://issues.apache.org/jira/browse/SLING-1670
> Project: Sling
> Issue Type: New Feature
> Components: Extensions
> Reporter: Felix Meschberger
>
> Since Web Console 3.0 the WebConsoleSecurityProvider service interface may be
> implemented to provide authentication support for the web console other than
> the built-in HTTP Basic authentication supporting a single user.
> For Sling we should implement this service leveraging the Auth Core module to
> allow for versatile login mechanisms as well as authenticating against the
> ResourceResolverFactory.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
