[
https://issues.apache.org/jira/browse/OAK-6451?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alex Deparvu resolved OAK-6451.
-------------------------------
Resolution: Fixed
fixed with http://svn.apache.org/viewvc?rev=1801963&view=rev
the solution is to use the composite only if there's no other aggregated config
available. currently there's no easy way to include it as a composite in the
default composite.
[~anchela] please take a look. this is not the cleanest solution, but it was
the least intrusive one. I'm not sure if we need to start supporting composites
of composites, or if this is ok for now.
> MultiplexingPermissionProvider is ignored by the
> CompositeAuthorizationConfiguration
> ------------------------------------------------------------------------------------
>
> Key: OAK-6451
> URL: https://issues.apache.org/jira/browse/OAK-6451
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: core, security
> Reporter: Alex Deparvu
> Assignee: Alex Deparvu
> Fix For: 1.8, 1.7.4
>
>
> Because of the way {{PermissionProviders}} are aggregated [0], the
> {{MultiplexingPermissionProvider}} is ignored on account of not being a
> {{AggregatedPermissionProvider}}.
> [0]
> https://github.com/apache/jackrabbit-oak/blob/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java#L179
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
