[
https://issues.apache.org/jira/browse/OAK-9852?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Angela Schreiber updated OAK-9852:
----------------------------------
Summary: FilterProviderImpl should log a warning if a subject contains
'mixed' service-user-principals (was: FilterProviderImpl should log a warning
if a subject is not completely principal based)
> FilterProviderImpl should log a warning if a subject contains 'mixed'
> service-user-principals
> ---------------------------------------------------------------------------------------------
>
> Key: OAK-9852
> URL: https://issues.apache.org/jira/browse/OAK-9852
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: authorization-principalbased
> Reporter: Christian Schneider
> Priority: Critical
>
> For content distribution we use a user mapping with a subservice like:
> {code:java}
> "org.apache.sling.distribution.journal:importer=[sling-distribution-importer,sling-distribution,content-writer-service,repository-reader-service,version-manager-service,group-administration-service,user-administration-service,namespace-mgmt-service]"{code}
> Angela explained to me that if any of the subjects in the list is not
> principal based then the whole subservice will fall back to default
> authoristation. This can lead to unexpected access denied issues that are
> difficult to debug.
> So it would be great if we could add some warn logging that cleary tells us
> that our subservice is possibly not working as expected.
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
