[ https://issues.apache.org/jira/browse/OAK-9852?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Angela Schreiber updated OAK-9852: ---------------------------------- Summary: FilterProviderImpl should log a warning if a subject contains 'mixed' service-user-principals (was: FilterProviderImpl should log a warning if a subject is not completely principal based) > FilterProviderImpl should log a warning if a subject contains 'mixed' > service-user-principals > --------------------------------------------------------------------------------------------- > > Key: OAK-9852 > URL: https://issues.apache.org/jira/browse/OAK-9852 > Project: Jackrabbit Oak > Issue Type: Improvement > Components: authorization-principalbased > Reporter: Christian Schneider > Priority: Critical > > For content distribution we use a user mapping with a subservice like: > {code:java} > "org.apache.sling.distribution.journal:importer=[sling-distribution-importer,sling-distribution,content-writer-service,repository-reader-service,version-manager-service,group-administration-service,user-administration-service,namespace-mgmt-service]"{code} > Angela explained to me that if any of the subjects in the list is not > principal based then the whole subservice will fall back to default > authoristation. This can lead to unexpected access denied issues that are > difficult to debug. > So it would be great if we could add some warn logging that cleary tells us > that our subservice is possibly not working as expected. > -- This message was sent by Atlassian Jira (v8.20.10#820010)