[jira] [Commented] (SLING-9556) add pipes execution through a simple text POST
[ https://issues.apache.org/jira/browse/SLING-9556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17172068#comment-17172068 ] Nicolas Peltier commented on SLING-9556: [~enorman] [~olli] first of all, your concerns prove that first security layer of pipes that was its complexity starts to fade out which is a good news ;) 1. Then i have to admit i have difficulties picturing the "bad guy" scenario here, as in those cases you will always run a pipe's action with the resolver of the pipe requester. That is if your user has privileges to do bad actions A & B in the whole repository, pipe will "just" make it more efficient, however it's not its role imho to add a layer of security. 2. Second to kick things off you need those {{slingPipes/plumber}} or {{slingPipes/exec}} resources to POST to. Of course, if your user has write access somewhere on the repository, he can create that node, and then post there. He then needs write access described in 1. but again i would fix the fact that user has that POST access in the first place, right? Finally i don't want to play it smart here as my bad guy imagination has its limits beyond which some people can go, and i'll add a simple check. [~olli] what about just checking current resolver can read a configured path in the repository? > add pipes execution through a simple text POST > -- > > Key: SLING-9556 > URL: https://issues.apache.org/jira/browse/SLING-9556 > Project: Sling > Issue Type: Improvement > Components: Extensions >Affects Versions: Pipes 4.0.0 >Reporter: Nicolas Peltier >Assignee: Nicolas Peltier >Priority: Major > Fix For: Pipes 4.0.0 > > > problem with configuration of most pipes is JCR serialization is difficult to > read/maintain (basic XML maintenance issue). > Since it can be executed through gogo commands, the pipe could also simply be > some piped command in a text file that would be posted to the plumber, using > same pipebuilder functionality (see > https://github.com/apache/sling-org-apache-sling-pipes/blob/master/src/main/java/org/apache/sling/pipes/internal/GogoCommands.java#L81) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[VOTE] Release Apache Sling Commons OSGi 2.4.2
Hi, We solved 1 issue in this release https://issues.apache.org/jira/browse/SLING-9630 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-2315 You can use this UNIX script to download the release and verify the signatures: https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD Usage: sh check_staged_release.sh 2315 /tmp/sling-staging Please vote to approve this release: [ ] +1 Approve the release [ ] 0 Don't care [ ] -1 Don't release, because ... This majority vote is open for at least 72 hours. Regards Carsten -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org
[jira] [Created] (SLING-9642) Note on provisioning model docs that Sling Starter 12 switched to the feature model
Robert Munteanu created SLING-9642: -- Summary: Note on provisioning model docs that Sling Starter 12 switched to the feature model Key: SLING-9642 URL: https://issues.apache.org/jira/browse/SLING-9642 Project: Sling Issue Type: Sub-task Components: Documentation Reporter: Robert Munteanu The provisioning model is still supported but people landing on that page should be made aware that for Sling 12 we have moved to something else. A single note mentioning the feature model should be enough. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9641) 'Launcher' archetype for Sling 12
Robert Munteanu created SLING-9641: -- Summary: 'Launcher' archetype for Sling 12 Key: SLING-9641 URL: https://issues.apache.org/jira/browse/SLING-9641 Project: Sling Issue Type: Sub-task Components: Maven Plugins and Archetypes, Starter Reporter: Robert Munteanu Since we moved to the feature model, we should provide a way for users to generate new feature model-based applications. We can - update the [Sling project archetype](https://github.com/apache/sling-project-archetype) to generate a launcher based on the feature model - create a new sling feature archetype - do both -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9643) Add feature model documentation entry point on Sling site
Robert Munteanu created SLING-9643: -- Summary: Add feature model documentation entry point on Sling site Key: SLING-9643 URL: https://issues.apache.org/jira/browse/SLING-9643 Project: Sling Issue Type: Sub-task Components: Documentation Reporter: Robert Munteanu The feature model's individual pieces are well documented on GitHub repositories. Still, it can be hard for someone looking to get familiar with it to get a high-level understanding of what the feature model can do and what tools are available. We should add a basic documentation page on the Sling site and point to individual resources for more information. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-9636) Refine feature model files
[ https://issues.apache.org/jira/browse/SLING-9636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-9636: --- Description: The feature model files have been auto-generated and, while they work, there are improvements we can make, first of all making sure the split is consistent. We should additionally least: - give consistent names to the features, e.g. {{boot_boot.json}} should become {{boot.json}} - use placeholders where possible, e.g. {{ ${project.groupId} }} instead of {{org.apache.sling}}. - use variables - we have for instance {{slf4.version}} defined but we don't use it - remove (if no longer needed) {{sling.run.mode.install.options}} - remove {{org.apache.sling.provisioning.model}} bundle was: The feature model files have been auto-generated and, while they work, there are improvements we can make, first of all making sure the split is consistent. We should additionally least: - give consistent names to the features, e.g. {{boot_boot.json}} should become {{boot.json}} - use placeholders where possible, e.g. {{ ${project.groupId} }} instead of {{org.apache.sling}}. - use variables - we have for instance {{slf4.version}} defined but we don't use it > Refine feature model files > -- > > Key: SLING-9636 > URL: https://issues.apache.org/jira/browse/SLING-9636 > Project: Sling > Issue Type: Sub-task > Components: Starter >Reporter: Robert Munteanu >Priority: Major > Fix For: Starter 12 > > > The feature model files have been auto-generated and, while they work, there > are improvements we can make, first of all making sure the split is > consistent. > We should additionally least: > - give consistent names to the features, e.g. {{boot_boot.json}} should > become {{boot.json}} > - use placeholders where possible, e.g. {{ ${project.groupId} }} instead of > {{org.apache.sling}}. > - use variables - we have for instance {{slf4.version}} defined but we don't > use it > - remove (if no longer needed) {{sling.run.mode.install.options}} > - remove {{org.apache.sling.provisioning.model}} bundle -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9640) Document 'official' way of launching the Sling starter
Robert Munteanu created SLING-9640: -- Summary: Document 'official' way of launching the Sling starter Key: SLING-9640 URL: https://issues.apache.org/jira/browse/SLING-9640 Project: Sling Issue Type: Sub-task Components: Documentation, Site Reporter: Robert Munteanu Right now we recommend downloading the feature launcher and then using it to launch the starter aggregate. We should decide what the recommended way to do that is. Some options: - download feature launcher + launch local or remote feature file/archive - kickstart jar - starter docker image - feature launcher docker image + local or remote feature file/archive -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-9639) Deprecate no longer used launchpad testing projects
[ https://issues.apache.org/jira/browse/SLING-9639?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-9639: --- Summary: Deprecate no longer used launchpad testing projects (was: Deprecate no longer used ) > Deprecate no longer used launchpad testing projects > --- > > Key: SLING-9639 > URL: https://issues.apache.org/jira/browse/SLING-9639 > Project: Sling > Issue Type: Sub-task > Components: Launchpad, Testing >Reporter: Robert Munteanu >Priority: Major > > We can deprecated the following two projects: > - launchpad-testing-bundles - now the launchpad-testing project has its own > feature model > - launchpad-testing-war - wars are no longer supported -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9639) Deprecate no longer used
Robert Munteanu created SLING-9639: -- Summary: Deprecate no longer used Key: SLING-9639 URL: https://issues.apache.org/jira/browse/SLING-9639 Project: Sling Issue Type: Sub-task Components: Launchpad, Testing Reporter: Robert Munteanu We can deprecated the following two projects: - launchpad-testing-bundles - now the launchpad-testing project has its own feature model - launchpad-testing-war - wars are no longer supported -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9638) Update Starter Docker image to be based on the feature model
Robert Munteanu created SLING-9638: -- Summary: Update Starter Docker image to be based on the feature model Key: SLING-9638 URL: https://issues.apache.org/jira/browse/SLING-9638 Project: Sling Issue Type: Sub-task Reporter: Robert Munteanu Fix For: Starter 12 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9637) Re-enable Smoke IT, but only keep the repository available check
Robert Munteanu created SLING-9637: -- Summary: Re-enable Smoke IT, but only keep the repository available check Key: SLING-9637 URL: https://issues.apache.org/jira/browse/SLING-9637 Project: Sling Issue Type: Sub-task Reporter: Robert Munteanu Fix For: Starter 12 The 'all bundles started' check is superfluous now that we have the feature model analysers. However, it would be good to verify that the repository successfully start up. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-9636) Refine feature model files
[ https://issues.apache.org/jira/browse/SLING-9636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-9636: --- Description: The feature model files have been auto-generated and, while they work, there are improvements we can make, first of all making sure the split is consistent. We should additionally least: - give consistent names to the features, e.g. {{boot_boot.json}} should become {{boot.json}} - use placeholders where possible, e.g. {{ ${project.groupId} }} instead of {{org.apache.sling}}. - use variables - we have for instance {{slf4.version}} defined but we don't use it was:The feature model files have been auto-generated and, while they work, there are improvements we can make, first of all making sure the split is consistent. > Refine feature model files > -- > > Key: SLING-9636 > URL: https://issues.apache.org/jira/browse/SLING-9636 > Project: Sling > Issue Type: Sub-task > Components: Starter >Reporter: Robert Munteanu >Priority: Major > Fix For: Starter 12 > > > The feature model files have been auto-generated and, while they work, there > are improvements we can make, first of all making sure the split is > consistent. > We should additionally least: > - give consistent names to the features, e.g. {{boot_boot.json}} should > become {{boot.json}} > - use placeholders where possible, e.g. {{ ${project.groupId} }} instead of > {{org.apache.sling}}. > - use variables - we have for instance {{slf4.version}} defined but we don't > use it -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9636) Refine feature model files
Robert Munteanu created SLING-9636: -- Summary: Refine feature model files Key: SLING-9636 URL: https://issues.apache.org/jira/browse/SLING-9636 Project: Sling Issue Type: Sub-task Components: Starter Reporter: Robert Munteanu Fix For: Starter 12 The feature model files have been auto-generated and, while they work, there are improvements we can make, first of all making sure the split is consistent. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Please welcome Henry Saginor, Sling committer
Hi Henry Welcome onboard on this ‘crazy train’. - Andy > On Aug 5, 2020, at 1:33 AM, Robert Munteanu wrote: > > Hi Sling community, > > Based on his ongoing and valuable contributions to the project, the > Sling PMC has elected Henry Saginor as a Sling committer, and he > has accepted the invitation. > > Please join me in welcoming Henry! > > Henry - if you want to honor the old tradition of new committers > briefly introducing themselves to the list, feel free. > > Welcome! > > Robert > > > > >
[jira] [Commented] (SLING-9556) add pipes execution through a simple text POST
[ https://issues.apache.org/jira/browse/SLING-9556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171704#comment-17171704 ] Oliver Lietz commented on SLING-9556: - [~npeltier], [~enorman], I recommend to limit pipe execution to dedicated user groups. Similar to what we have in [{{ClamJcrScanServlet}}|https://github.com/apache/sling-org-apache-sling-clam/blob/543c4990808f4854ea3ebb52a1c3892cd7e6f67e/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServlet.java#L116] but making group mandatory. > add pipes execution through a simple text POST > -- > > Key: SLING-9556 > URL: https://issues.apache.org/jira/browse/SLING-9556 > Project: Sling > Issue Type: Improvement > Components: Extensions >Affects Versions: Pipes 4.0.0 >Reporter: Nicolas Peltier >Assignee: Nicolas Peltier >Priority: Major > Fix For: Pipes 4.0.0 > > > problem with configuration of most pipes is JCR serialization is difficult to > read/maintain (basic XML maintenance issue). > Since it can be executed through gogo commands, the pipe could also simply be > some piped command in a text file that would be posted to the plumber, using > same pipebuilder functionality (see > https://github.com/apache/sling-org-apache-sling-pipes/blob/master/src/main/java/org/apache/sling/pipes/internal/GogoCommands.java#L81) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-9635) Create a kickstart jar during the Sling Starter build
[ https://issues.apache.org/jira/browse/SLING-9635?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171668#comment-17171668 ] Dan Klco commented on SLING-9635: - Any thought on using a similar technique to this: https://github.com/apache/sling-org-apache-sling-app-cms/blob/SLING-8913-multiple-instance-types/feature/pom.xml#L132 https://github.com/apache/sling-org-apache-sling-app-cms/blob/SLING-8913-multiple-instance-types/feature/src/main/java/org/apache/sling/cms/feature/Main.java https://github.com/apache/sling-org-apache-sling-app-cms/blob/SLING-8913-multiple-instance-types/feature/src/main/assembly/standalone.xml E.g. wrapping the Feature Model Launcher, find the model from the classpath, and then call the Feature Model Launcher's Main class? > Create a kickstart jar during the Sling Starter build > - > > Key: SLING-9635 > URL: https://issues.apache.org/jira/browse/SLING-9635 > Project: Sling > Issue Type: Sub-task > Components: Starter >Reporter: Robert Munteanu >Priority: Major > Fix For: Starter 12 > > > Separate from SLING-9595, see > https://issues.apache.org/jira/browse/SLING-9595?focusedCommentId=17161943&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17161943 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (SLING-9634) Sling Dynamic Include not working with version 3.2.0
[ https://issues.apache.org/jira/browse/SLING-9634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171636#comment-17171636 ] Geetika Chhabra edited comment on SLING-9634 at 8/5/20, 6:12 PM: - Hi [~jfmitchell], I tried both of the properties actually *include-filter.config.disable_ignoreUrlParams* and *include-filter.config.disableIgnoreUrlParams,* it doesn't work. In fact, the OSGI config doesn't even pick and show the first property in the config manager. See the following screenshot when I used the first property and set to true, it doesn't show up in the configuration, highlighted the property name also that the configuration is expecting. !image-2020-08-05-14-10-16-218.png|width=658,height=272! Regards, Geetika was (Author: geetika.chhabra): Hi [~jfmitchell], I tried both of the properties actually *include-filter.config.disable_ignoreUrlParams* and *include-filter.config.disableIgnoreUrlParams,* it doesn't work. In fact, the OSGI config doesn't even pick and show the first property in the config manager. See the following screenshot when I used the first property and set to true, it doesn't show up in the configuration, highlighted the property name also that the configuration is expecting. !image-2020-08-05-14-10-16-218.png! Regards, Geetika > Sling Dynamic Include not working with version 3.2.0 > > > Key: SLING-9634 > URL: https://issues.apache.org/jira/browse/SLING-9634 > Project: Sling > Issue Type: Bug >Affects Versions: Dynamic Include 3.2.0 >Reporter: Geetika Chhabra >Priority: Major > Attachments: image-2020-08-05-14-10-16-218.png > > > In one of our projects, we have been using SDI 3.1.2 and it seems to be > working fine. However, in order to use the *disableIgnoreParams* feature > introduced in version 3.2.0 (SLING-9045), we switched to version 3.2.0 but > the default functionality of SDI doesn't seem to work anymore. We tried with > the query parameter and without, it doesn't work in both of the scenarios. > Additional steps we did to go from version 3.1.2 to 3.2.0: > * Updated the SDI version in pom.xml to point to 3.2.0. > * Added the *"include-filter.config.disableIgnoreUrlParams="\{Boolean}true"* > property in addition to the old ones. > Please note that it works as expected with version 3.1.2. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (SLING-9634) Sling Dynamic Include not working with version 3.2.0
[ https://issues.apache.org/jira/browse/SLING-9634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171636#comment-17171636 ] Geetika Chhabra edited comment on SLING-9634 at 8/5/20, 6:11 PM: - Hi [~jfmitchell], I tried both of the properties actually *include-filter.config.disable_ignoreUrlParams* and *include-filter.config.disableIgnoreUrlParams,* it doesn't work. In fact, the OSGI config doesn't even pick and show the first property in the config manager. See the following screenshot when I used the first property and set to true, it doesn't show up in the configuration, highlighted the property name also that the configuration is expecting. !image-2020-08-05-14-10-16-218.png! Regards, Geetika was (Author: geetika.chhabra): Hi [~jfmitchell], I tried both of the properties actually *include-filter.config.disable_ignoreUrlParams* and *include-filter.config.disableIgnoreUrlParams,* it doesn't work. In fact, the OSGI config doesn't even pick and show the first property in the config manager. Regards, Geetika > Sling Dynamic Include not working with version 3.2.0 > > > Key: SLING-9634 > URL: https://issues.apache.org/jira/browse/SLING-9634 > Project: Sling > Issue Type: Bug >Affects Versions: Dynamic Include 3.2.0 >Reporter: Geetika Chhabra >Priority: Major > Attachments: image-2020-08-05-14-10-16-218.png > > > In one of our projects, we have been using SDI 3.1.2 and it seems to be > working fine. However, in order to use the *disableIgnoreParams* feature > introduced in version 3.2.0 (SLING-9045), we switched to version 3.2.0 but > the default functionality of SDI doesn't seem to work anymore. We tried with > the query parameter and without, it doesn't work in both of the scenarios. > Additional steps we did to go from version 3.1.2 to 3.2.0: > * Updated the SDI version in pom.xml to point to 3.2.0. > * Added the *"include-filter.config.disableIgnoreUrlParams="\{Boolean}true"* > property in addition to the old ones. > Please note that it works as expected with version 3.1.2. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Sling Starter switched to the Feature Model
Thanks a lot Robert, looks great at first glance. Konrad > On 5. Aug 2020, at 19:35, Robert Munteanu wrote: > > Hi, > > With the merge of the two PRs for the Sling Starter [1] and Launchpad- > Testing [2] the Sling starter is now switched to the feature model. > > This completes Phase 2, as defined in the migration plan [3]. Please > keep an eye open for regressions, as it "works on my machine and > Jenkins". > > As a reminder, for Phase 3 we do have a number of important but > "boring" tasks defined, like documentation, feature model refinements ( > Dan already spotted a potential improvement in the PR [4]), and it > would be great if others could pick up some of the tasks. > > Thanks, > Robert > > [1]: https://github.com/apache/sling-org-apache-sling-starter/pull/11 > [2]: https://github.com/apache/sling-org-apache-sling-launchpad-testing/pull/2 > [3]: > https://cwiki.apache.org/confluence/display/SLING/Migrating+the+Sling+Starter+to+the+Feature+Model > [4]: > https://github.com/apache/sling-org-apache-sling-starter/pull/11#pullrequestreview-461877061 >
[Jenkins] Sling » sling-org-apache-sling-launchpad-testing » master #962 is BROKEN
- [INFO] BUILD FAILURE [INFO] [INFO] Total time: 03:55 min [INFO] Finished at: 2020-08-05T17:55:59Z [INFO] [INFO] [jenkins-event-spy] Generated /home/jenkins/jenkins-slave/workspace/e-sling-launchpad-testing_master@tmp/withMaven81ff2c21/maven-spy-20200805-175204-1253252037793535689866.log [ERROR] Failed to execute goal org.apache.maven.plugins:maven-failsafe-plugin:2.21.0:verify (default) on project org.apache.sling.launchpad.testing: There are test failures. [ERROR] [ERROR] Please refer to /home/jenkins/jenkins-slave/workspace/e-sling-launchpad-testing_master/target/failsafe-reports for the individual test results. [ERROR] Please refer to dump files (if any exist) [date]-jvmRun[N].dump, [date].dumpstream and [date]-jvmRun[N].dumpstream. [ERROR] -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException [Pipeline] echo Marking build unstable due to mvn sonar:sonar failing. See https://cwiki.apache.org/confluence/display/SLING/SonarCloud+analysis for more info. [Pipeline] } [withMaven] Publishers: [Pipeline] // withMaven [Pipeline] } [Pipeline] // withCredentials [Pipeline] } [Pipeline] // stage [Pipeline] } [Pipeline] // timeout [Pipeline] stage [Pipeline] { (Notifications) [Pipeline] echo Status change is BROKEN, notifications will be sent. [Pipeline] emailext
[Jenkins] Sling » sling-org-apache-sling-launchpad-testing » master #961 is FIXED
Please see https://builds.apache.org/job/Sling/job/sling-org-apache-sling-launchpad-testing/job/master/961/ for details. No further emails will be sent until the status of the build is changed.
[jira] [Resolved] (SLING-9596) Switch launchpad-testing to the feature model
[ https://issues.apache.org/jira/browse/SLING-9596?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu resolved SLING-9596. Resolution: Fixed > Switch launchpad-testing to the feature model > - > > Key: SLING-9596 > URL: https://issues.apache.org/jira/browse/SLING-9596 > Project: Sling > Issue Type: Sub-task > Components: Launchpad, Testing >Reporter: Robert Munteanu >Assignee: Robert Munteanu >Priority: Major > Fix For: Launchpad Testing 12 > > Time Spent: 0.5h > Remaining Estimate: 0h > > Switch launchpad testing to provisioning model: > - provisioning files switched to feature files > - run against the starter using feature model -- This message was sent by Atlassian Jira (v8.3.4#803005)
Sling Starter switched to the Feature Model
Hi, With the merge of the two PRs for the Sling Starter [1] and Launchpad- Testing [2] the Sling starter is now switched to the feature model. This completes Phase 2, as defined in the migration plan [3]. Please keep an eye open for regressions, as it "works on my machine and Jenkins". As a reminder, for Phase 3 we do have a number of important but "boring" tasks defined, like documentation, feature model refinements ( Dan already spotted a potential improvement in the PR [4]), and it would be great if others could pick up some of the tasks. Thanks, Robert [1]: https://github.com/apache/sling-org-apache-sling-starter/pull/11 [2]: https://github.com/apache/sling-org-apache-sling-launchpad-testing/pull/2 [3]: https://cwiki.apache.org/confluence/display/SLING/Migrating+the+Sling+Starter+to+the+Feature+Model [4]: https://github.com/apache/sling-org-apache-sling-starter/pull/11#pullrequestreview-461877061
[GitHub] [sling-org-apache-sling-starter] klcodanr commented on pull request #11: SLING-9595 - Fully switch starter build to the feature model
klcodanr commented on pull request #11: URL: https://github.com/apache/sling-org-apache-sling-starter/pull/11#issuecomment-669329132 The email came in at the right time :-) Sounds good to me, thanks! This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-launchpad-testing] rombert merged pull request #2: SLING-9596 - Switch launchpad-testing to the feature model
rombert merged pull request #2: URL: https://github.com/apache/sling-org-apache-sling-launchpad-testing/pull/2 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Resolved] (SLING-9595) Fully switch starter build to the feature model
[ https://issues.apache.org/jira/browse/SLING-9595?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu resolved SLING-9595. Resolution: Fixed > Fully switch starter build to the feature model > --- > > Key: SLING-9595 > URL: https://issues.apache.org/jira/browse/SLING-9595 > Project: Sling > Issue Type: Sub-task > Components: Starter >Reporter: Robert Munteanu >Assignee: Robert Munteanu >Priority: Major > Fix For: Starter 12 > > Time Spent: 40m > Remaining Estimate: 0h > > Fully switch starter to feature model: > - The feature model converter will be used to create individual feature files > out of the provisioning model files > - Feature model aggregates will be defined for the current run modes: oak_tar > and oak_mongo > - Feature model analysers will be configured for the main aggregates > - Produce feature archives for oak_tar and oak_mongo > - -Produce a kickstart jar- ( moved to SLING-9635 ) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [sling-org-apache-sling-starter] sonarcloud[bot] commented on pull request #11: SLING-9595 - Fully switch starter build to the feature model
sonarcloud[bot] commented on pull request #11: URL: https://github.com/apache/sling-org-apache-sling-starter/pull/11#issuecomment-669328109 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=VULNERABILITY) (and [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=SECURITY_HOTSPOT) [ 0 Security Hotspots](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=SECURITY_HOTSPOT) to review) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter&pullRequest=11&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-starter&pullRequest=11) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-starter&pullRequest=11&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-starter&pullRequest=11&metric=new_duplicated_lines_density&view=list) The version of Java (1.8.0_252) you have used to run this analysis is deprecated and we will stop accepting it from October 2020. Please update to at least Java 11. Read more [here](https://sonarcloud.io/documentation/upcoming/) This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-starter] rombert merged pull request #11: SLING-9595 - Fully switch starter build to the feature model
rombert merged pull request #11: URL: https://github.com/apache/sling-org-apache-sling-starter/pull/11 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-starter] rombert commented on pull request #11: SLING-9595 - Fully switch starter build to the feature model
rombert commented on pull request #11: URL: https://github.com/apache/sling-org-apache-sling-starter/pull/11#issuecomment-669327067 @klcodanr - that was quick! We should definitely do that, I added a note to the Phase 3 tasks from https://cwiki.apache.org/confluence/display/SLING/Migrating+the+Sling+Starter+to+the+Feature+Model to make sure we don't forget it. The plan it to merge the changes as they are and then start refining before calling this "done". This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-starter] rombert opened a new pull request #11: SLING-9595 - Fully switch starter build to the feature model
rombert opened a new pull request #11: URL: https://github.com/apache/sling-org-apache-sling-starter/pull/11 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SLING-9634) Sling Dynamic Include not working with version 3.2.0
[ https://issues.apache.org/jira/browse/SLING-9634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171636#comment-17171636 ] Geetika Chhabra commented on SLING-9634: Hi [~jfmitchell], I tried both of the properties actually *include-filter.config.disable_ignoreUrlParams* and *include-filter.config.disableIgnoreUrlParams,* it doesn't work. In fact, the OSGI config doesn't even pick and show the first property in the config manager. Regards, Geetika > Sling Dynamic Include not working with version 3.2.0 > > > Key: SLING-9634 > URL: https://issues.apache.org/jira/browse/SLING-9634 > Project: Sling > Issue Type: Bug >Affects Versions: Dynamic Include 3.2.0 >Reporter: Geetika Chhabra >Priority: Major > > In one of our projects, we have been using SDI 3.1.2 and it seems to be > working fine. However, in order to use the *disableIgnoreParams* feature > introduced in version 3.2.0 (SLING-9045), we switched to version 3.2.0 but > the default functionality of SDI doesn't seem to work anymore. We tried with > the query parameter and without, it doesn't work in both of the scenarios. > Additional steps we did to go from version 3.1.2 to 3.2.0: > * Updated the SDI version in pom.xml to point to 3.2.0. > * Added the *"include-filter.config.disableIgnoreUrlParams="\{Boolean}true"* > property in addition to the old ones. > Please note that it works as expected with version 3.1.2. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [sling-org-apache-sling-launchpad-testing] sonarcloud[bot] commented on pull request #2: SLING-9596 - Switch launchpad-testing to the feature model
sonarcloud[bot] commented on pull request #2: URL: https://github.com/apache/sling-org-apache-sling-launchpad-testing/pull/2#issuecomment-669315159 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=VULNERABILITY) (and [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&reso lved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=SECURITY_HOTSPOT) to review) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-launchpad-testing&pullRequest=2&metric=new_duplicated_lines_density&view=list) The version of Java (1.8.0_252) you have used to run this analysis is deprecated and we will stop accepting it from October 2020. Please update to at least Java 11. Read more [here](https://sonarcloud.io/documentation/upcoming/) This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-launchpad-testing] rombert opened a new pull request #2: SLING-9596 - Switch launchpad-testing to the feature model
rombert opened a new pull request #2: URL: https://github.com/apache/sling-org-apache-sling-launchpad-testing/pull/2 Merge previous work to the master branch. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Assigned] (SLING-9596) Switch launchpad-testing to the feature model
[ https://issues.apache.org/jira/browse/SLING-9596?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu reassigned SLING-9596: -- Assignee: Robert Munteanu > Switch launchpad-testing to the feature model > - > > Key: SLING-9596 > URL: https://issues.apache.org/jira/browse/SLING-9596 > Project: Sling > Issue Type: Sub-task > Components: Launchpad, Testing >Reporter: Robert Munteanu >Assignee: Robert Munteanu >Priority: Major > Fix For: Launchpad Testing 12 > > > Switch launchpad testing to provisioning model: > - provisioning files switched to feature files > - run against the starter using feature model -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-9595) Fully switch starter build to the feature model
[ https://issues.apache.org/jira/browse/SLING-9595?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171610#comment-17171610 ] Robert Munteanu commented on SLING-9595: [~andysch] - I've moved the kickstart jar creation to a separate task - SLING-9635. This will allow work to progress quicker. > Fully switch starter build to the feature model > --- > > Key: SLING-9595 > URL: https://issues.apache.org/jira/browse/SLING-9595 > Project: Sling > Issue Type: Sub-task > Components: Starter >Reporter: Robert Munteanu >Assignee: Robert Munteanu >Priority: Major > Fix For: Starter 12 > > > Fully switch starter to feature model: > - The feature model converter will be used to create individual feature files > out of the provisioning model files > - Feature model aggregates will be defined for the current run modes: oak_tar > and oak_mongo > - Feature model analysers will be configured for the main aggregates > - Produce feature archives for oak_tar and oak_mongo > - -Produce a kickstart jar- ( moved to SLING-9635 ) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-9595) Fully switch starter build to the feature model
[ https://issues.apache.org/jira/browse/SLING-9595?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-9595: --- Description: Fully switch starter to feature model: - The feature model converter will be used to create individual feature files out of the provisioning model files - Feature model aggregates will be defined for the current run modes: oak_tar and oak_mongo - Feature model analysers will be configured for the main aggregates - Produce feature archives for oak_tar and oak_mongo - -Produce a kickstart jar- ( moved to SLING-9635 ) was: Fully switch starter to feature model: - The feature model converter will be used to create individual feature files out of the provisioning model files - Feature model aggregates will be defined for the current run modes: oak_tar and oak_mongo - Feature model analysers will be configured for the main aggregates - Produce feature archives for oak_tar and oak_mongo - Produce a kickstart jar > Fully switch starter build to the feature model > --- > > Key: SLING-9595 > URL: https://issues.apache.org/jira/browse/SLING-9595 > Project: Sling > Issue Type: Sub-task > Components: Starter >Reporter: Robert Munteanu >Assignee: Robert Munteanu >Priority: Major > Fix For: Starter 12 > > > Fully switch starter to feature model: > - The feature model converter will be used to create individual feature files > out of the provisioning model files > - Feature model aggregates will be defined for the current run modes: oak_tar > and oak_mongo > - Feature model analysers will be configured for the main aggregates > - Produce feature archives for oak_tar and oak_mongo > - -Produce a kickstart jar- ( moved to SLING-9635 ) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9635) Create a kickstart jar during the Sling Starter build
Robert Munteanu created SLING-9635: -- Summary: Create a kickstart jar during the Sling Starter build Key: SLING-9635 URL: https://issues.apache.org/jira/browse/SLING-9635 Project: Sling Issue Type: Sub-task Components: Starter Reporter: Robert Munteanu Fix For: Starter 12 Separate from SLING-9595, see https://issues.apache.org/jira/browse/SLING-9595?focusedCommentId=17161943&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17161943 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-9634) Sling Dynamic Include not working with version 3.2.0
[ https://issues.apache.org/jira/browse/SLING-9634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171595#comment-17171595 ] John Mitchell commented on SLING-9634: -- Additionally - the parameter is `include-filter.config.disable_ignoreUrlParams` > Sling Dynamic Include not working with version 3.2.0 > > > Key: SLING-9634 > URL: https://issues.apache.org/jira/browse/SLING-9634 > Project: Sling > Issue Type: Bug >Affects Versions: Dynamic Include 3.2.0 >Reporter: Geetika Chhabra >Priority: Major > > In one of our projects, we have been using SDI 3.1.2 and it seems to be > working fine. However, in order to use the *disableIgnoreParams* feature > introduced in version 3.2.0 (SLING-9045), we switched to version 3.2.0 but > the default functionality of SDI doesn't seem to work anymore. We tried with > the query parameter and without, it doesn't work in both of the scenarios. > Additional steps we did to go from version 3.1.2 to 3.2.0: > * Updated the SDI version in pom.xml to point to 3.2.0. > * Added the *"include-filter.config.disableIgnoreUrlParams="\{Boolean}true"* > property in addition to the old ones. > Please note that it works as expected with version 3.1.2. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (SLING-9634) Sling Dynamic Include not working with version 3.2.0
[ https://issues.apache.org/jira/browse/SLING-9634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171595#comment-17171595 ] John Mitchell edited comment on SLING-9634 at 8/5/20, 4:20 PM: --- Additionally - the parameter is {noformat} include-filter.config.disable_ignoreUrlParams {noformat} was (Author: jfmitchell): Additionally - the parameter is `include-filter.config.disable_ignoreUrlParams` > Sling Dynamic Include not working with version 3.2.0 > > > Key: SLING-9634 > URL: https://issues.apache.org/jira/browse/SLING-9634 > Project: Sling > Issue Type: Bug >Affects Versions: Dynamic Include 3.2.0 >Reporter: Geetika Chhabra >Priority: Major > > In one of our projects, we have been using SDI 3.1.2 and it seems to be > working fine. However, in order to use the *disableIgnoreParams* feature > introduced in version 3.2.0 (SLING-9045), we switched to version 3.2.0 but > the default functionality of SDI doesn't seem to work anymore. We tried with > the query parameter and without, it doesn't work in both of the scenarios. > Additional steps we did to go from version 3.1.2 to 3.2.0: > * Updated the SDI version in pom.xml to point to 3.2.0. > * Added the *"include-filter.config.disableIgnoreUrlParams="\{Boolean}true"* > property in addition to the old ones. > Please note that it works as expected with version 3.1.2. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-9634) Sling Dynamic Include not working with version 3.2.0
[ https://issues.apache.org/jira/browse/SLING-9634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171594#comment-17171594 ] John Mitchell commented on SLING-9634: -- [~geetika.chhabra] Can you provide a package with a simplified version of your implementation please that we can use to reproduce the problem? > Sling Dynamic Include not working with version 3.2.0 > > > Key: SLING-9634 > URL: https://issues.apache.org/jira/browse/SLING-9634 > Project: Sling > Issue Type: Bug >Affects Versions: Dynamic Include 3.2.0 >Reporter: Geetika Chhabra >Priority: Major > > In one of our projects, we have been using SDI 3.1.2 and it seems to be > working fine. However, in order to use the *disableIgnoreParams* feature > introduced in version 3.2.0 (SLING-9045), we switched to version 3.2.0 but > the default functionality of SDI doesn't seem to work anymore. We tried with > the query parameter and without, it doesn't work in both of the scenarios. > Additional steps we did to go from version 3.1.2 to 3.2.0: > * Updated the SDI version in pom.xml to point to 3.2.0. > * Added the *"include-filter.config.disableIgnoreUrlParams="\{Boolean}true"* > property in addition to the old ones. > Please note that it works as expected with version 3.1.2. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-9556) add pipes execution through a simple text POST
[ https://issues.apache.org/jira/browse/SLING-9556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171592#comment-17171592 ] Eric Norman commented on SLING-9556: Are you sure this a safe thing to allow end users to do? Seems risky to me. > add pipes execution through a simple text POST > -- > > Key: SLING-9556 > URL: https://issues.apache.org/jira/browse/SLING-9556 > Project: Sling > Issue Type: Improvement > Components: Extensions >Affects Versions: Pipes 4.0.0 >Reporter: Nicolas Peltier >Assignee: Nicolas Peltier >Priority: Major > Fix For: Pipes 4.0.0 > > > problem with configuration of most pipes is JCR serialization is difficult to > read/maintain (basic XML maintenance issue). > Since it can be executed through gogo commands, the pipe could also simply be > some piped command in a text file that would be posted to the plumber, using > same pipebuilder functionality (see > https://github.com/apache/sling-org-apache-sling-pipes/blob/master/src/main/java/org/apache/sling/pipes/internal/GogoCommands.java#L81) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [sling-org-apache-sling-dynamic-include] geetika95 commented on pull request #13: SLING-9045 - Rebase of PR #1 - Adding option to disable URL params check
geetika95 commented on pull request #13: URL: https://github.com/apache/sling-org-apache-sling-dynamic-include/pull/13#issuecomment-669284766 Thanks @rombert, I created the ticket, here it is https://issues.apache.org/jira/browse/SLING-9634 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (SLING-9634) Sling Dynamic Include not working with version 3.2.0
Geetika Chhabra created SLING-9634: -- Summary: Sling Dynamic Include not working with version 3.2.0 Key: SLING-9634 URL: https://issues.apache.org/jira/browse/SLING-9634 Project: Sling Issue Type: Bug Affects Versions: Dynamic Include 3.2.0 Reporter: Geetika Chhabra In one of our projects, we have been using SDI 3.1.2 and it seems to be working fine. However, in order to use the *disableIgnoreParams* feature introduced in version 3.2.0 (SLING-9045), we switched to version 3.2.0 but the default functionality of SDI doesn't seem to work anymore. We tried with the query parameter and without, it doesn't work in both of the scenarios. Additional steps we did to go from version 3.1.2 to 3.2.0: * Updated the SDI version in pom.xml to point to 3.2.0. * Added the *"include-filter.config.disableIgnoreUrlParams="\{Boolean}true"* property in addition to the old ones. Please note that it works as expected with version 3.1.2. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-9547) markdown renderer for pipe configurations
[ https://issues.apache.org/jira/browse/SLING-9547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171583#comment-17171583 ] Nicolas Peltier commented on SLING-9547: while it would be cool, we figured out SLING-9556 would make the job of being version controlled better (cc [~tuerkben] [~hwong] ) > markdown renderer for pipe configurations > - > > Key: SLING-9547 > URL: https://issues.apache.org/jira/browse/SLING-9547 > Project: Sling > Issue Type: Improvement > Components: Extensions >Reporter: Nicolas Peltier >Priority: Major > Fix For: Pipes 4.0.0 > > > it's often pretty difficult to read what a pipe is doing by looking at JCR > serialization. This is for generating markdown out of a pipe so it's easy to > read what it's doing in a browser or in a PR -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-9556) add pipes execution through a simple text POST
[ https://issues.apache.org/jira/browse/SLING-9556?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nicolas Peltier resolved SLING-9556. Fix Version/s: Pipes 4.0.0 Resolution: Fixed > add pipes execution through a simple text POST > -- > > Key: SLING-9556 > URL: https://issues.apache.org/jira/browse/SLING-9556 > Project: Sling > Issue Type: Improvement > Components: Extensions >Affects Versions: Pipes 4.0.0 >Reporter: Nicolas Peltier >Priority: Major > Fix For: Pipes 4.0.0 > > > problem with configuration of most pipes is JCR serialization is difficult to > read/maintain (basic XML maintenance issue). > Since it can be executed through gogo commands, the pipe could also simply be > some piped command in a text file that would be posted to the plumber, using > same pipebuilder functionality (see > https://github.com/apache/sling-org-apache-sling-pipes/blob/master/src/main/java/org/apache/sling/pipes/internal/GogoCommands.java#L81) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (SLING-9556) add pipes execution through a simple text POST
[ https://issues.apache.org/jira/browse/SLING-9556?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nicolas Peltier reassigned SLING-9556: -- Assignee: Nicolas Peltier > add pipes execution through a simple text POST > -- > > Key: SLING-9556 > URL: https://issues.apache.org/jira/browse/SLING-9556 > Project: Sling > Issue Type: Improvement > Components: Extensions >Affects Versions: Pipes 4.0.0 >Reporter: Nicolas Peltier >Assignee: Nicolas Peltier >Priority: Major > Fix For: Pipes 4.0.0 > > > problem with configuration of most pipes is JCR serialization is difficult to > read/maintain (basic XML maintenance issue). > Since it can be executed through gogo commands, the pipe could also simply be > some piped command in a text file that would be posted to the plumber, using > same pipebuilder functionality (see > https://github.com/apache/sling-org-apache-sling-pipes/blob/master/src/main/java/org/apache/sling/pipes/internal/GogoCommands.java#L81) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-9547) markdown renderer for pipe configurations
[ https://issues.apache.org/jira/browse/SLING-9547?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nicolas Peltier resolved SLING-9547. Resolution: Won't Fix > markdown renderer for pipe configurations > - > > Key: SLING-9547 > URL: https://issues.apache.org/jira/browse/SLING-9547 > Project: Sling > Issue Type: Improvement > Components: Extensions >Reporter: Nicolas Peltier >Priority: Major > Fix For: Pipes 4.0.0 > > > it's often pretty difficult to read what a pipe is doing by looking at JCR > serialization. This is for generating markdown out of a pipe so it's easy to > read what it's doing in a browser or in a PR -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-9633) Testing Clients Polling does not return all exceptions encountered while polling
[ https://issues.apache.org/jira/browse/SLING-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrei Dulvac resolved SLING-9633. -- Resolution: Fixed > Testing Clients Polling does not return all exceptions encountered while > polling > > > Key: SLING-9633 > URL: https://issues.apache.org/jira/browse/SLING-9633 > Project: Sling > Issue Type: Bug >Affects Versions: Apache Sling Testing Clients 2.0.0 >Reporter: Andrei Dulvac >Assignee: Andrei Dulvac >Priority: Minor > Fix For: Apache Sling Testing Clients 2.0.2 > > > It can happen with {{Polling}} that the last exception thrown is not the same > as the subsequent ones, for example in case of an operation with side effects > that might have thrown a particular exception, after which it throws some > sort of "conflict" exception. That first exception is thus lost. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-9623) ResourceMapperImpl.getAllMappings is incomplete for nested alias
[ https://issues.apache.org/jira/browse/SLING-9623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-9623: Fix Version/s: Resource Resolver 1.6.18 > ResourceMapperImpl.getAllMappings is incomplete for nested alias > > > Key: SLING-9623 > URL: https://issues.apache.org/jira/browse/SLING-9623 > Project: Sling > Issue Type: Bug > Components: ResourceResolver >Affects Versions: Resource Resolver 1.6.16 >Reporter: Angela Schreiber >Priority: Major > Fix For: Resource Resolver 1.6.18 > > Attachments: SLING-9623-test.patch > > > while investigating an issue involving {{sling:alias}}, i inadvertently > created nested alias i.e. ended up having an alias define for the parent and > a child page. > when looking at the values obtained from {{ResourceMapper.getAllMappings}}, i > noticed that it only contains 1 combination. cross-checking however revealed > that all combinations define valid paths that are properly resolved by sling. > h5. Example > parent: _/parent_ with alias name 'alias-parent' > child: _/parent/child_ with alias name 'alias-child' > valid paths for the child are (and expected from > {{ResourceMapper.getAllMappings}}): > - _/parent/child_ > - _/parent/alias-child_ > - _/alias-parent/alias-child_ > - _/alias-parent/child_ > actual values obtained from {{ResourceMapper.getAllMappings}}: > - _/parent/child_ > - _/alias-parent/alias-child_ > consequently, an consumer of {{ResourceMapper.getAllMappings}} will miss > valid alias path mappings. with additional nesting or addition of multiple > alias values (see SLING-9620), the number of missed paths will increase. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-8349) resolver.map - map empty path to root path
[ https://issues.apache.org/jira/browse/SLING-8349?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-8349: Affects Version/s: (was: Resource Resolver 1.6.10) Resource Resolver 1.6.8 > resolver.map - map empty path to root path > --- > > Key: SLING-8349 > URL: https://issues.apache.org/jira/browse/SLING-8349 > Project: Sling > Issue Type: Bug > Components: ResourceResolver >Affects Versions: Resource Resolver 1.6.8 >Reporter: Ashok Kumar >Assignee: Karl Pauls >Priority: Major > Fix For: Resource Resolver 1.6.12 > > Time Spent: 0.5h > Remaining Estimate: 0h > > Extend fix done in SLING-8335 to include check for empty path. > map empty path to root path not to a null resource -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-9620) ResourceMapperImpl.getAllMappings does not respect multi-valued sling:alias
[ https://issues.apache.org/jira/browse/SLING-9620?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-9620: Fix Version/s: Resource Resolver 1.6.18 > ResourceMapperImpl.getAllMappings does not respect multi-valued sling:alias > --- > > Key: SLING-9620 > URL: https://issues.apache.org/jira/browse/SLING-9620 > Project: Sling > Issue Type: Bug > Components: ResourceResolver >Affects Versions: Resource Resolver 1.6.16 >Reporter: Angela Schreiber >Priority: Major > Fix For: Resource Resolver 1.6.18 > > Attachments: SLING-9620-test.patch > > > while investigating an issue involving {{sling:alias}}, i ended up manually > adding the property using JCR API calls. this involved first adding the > {{sling:ResourceAlias}} and i noticed that {{sling:alias}} can be both single > or multi-valued according to the node type definition: > {code} > / Mixin node type to enable setting an alias on a resource > [sling:ResourceAlias] > mixin > > // alias name(s) for the node (single or multi-value) > - sling:alias (string) > - sling:alias (string) multiple > {code} > when setting multiple values for the {{sling:alias}} property, i found that > {{ResourceMapper.getAllMappings}} only returns the first alias. > looking at the implementation in > {{ResourceMapperImpl.loadAliasIfApplicable}}, it seems that line 216 > ({{String alias = ResourceResolverControl.getProperty(current, > ResourceResolverImpl.PROP_ALIAS);}}), is the culprit as call will in any case > just return a single string (it calls {{getProperty(res, propName, > String.class)}}). > as a consequence consumers of the {{ResourceMapper.getAllMappings}} method > will not get a complete list of all aliases available. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9633) Testing Clients Polling does not return all exceptions encountered while polling
Andrei Dulvac created SLING-9633: Summary: Testing Clients Polling does not return all exceptions encountered while polling Key: SLING-9633 URL: https://issues.apache.org/jira/browse/SLING-9633 Project: Sling Issue Type: Bug Affects Versions: Apache Sling Testing Clients 2.0.0 Reporter: Andrei Dulvac Assignee: Andrei Dulvac Fix For: Apache Sling Testing Clients 2.0.2 It can happen with {{Polling}} that the last exception thrown is not the same as the subsequent ones, for example in case of an operation with side effects that might have thrown a particular exception, after which it throws some sort of "conflict" exception. That first exception is thus lost. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-9529) Update auth core to parent pom 39 or newer
[ https://issues.apache.org/jira/browse/SLING-9529?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-9529. - Resolution: Fixed Updated > Update auth core to parent pom 39 or newer > -- > > Key: SLING-9529 > URL: https://issues.apache.org/jira/browse/SLING-9529 > Project: Sling > Issue Type: Sub-task > Components: Authentication >Reporter: Robert Munteanu >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.5.0 > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-5483) Unauthenticated request: getUserPrincipal() doesn't return null for auth.annonymous=true
[ https://issues.apache.org/jira/browse/SLING-5483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-5483. - Resolution: Fixed Fixed in https://github.com/apache/sling-org-apache-sling-auth-core/commit/c4f4deffe0590646562d47a7c52b4490859a74ed > Unauthenticated request: getUserPrincipal() doesn't return null for > auth.annonymous=true > > > Key: SLING-5483 > URL: https://issues.apache.org/jira/browse/SLING-5483 > Project: Sling > Issue Type: Bug > Components: Authentication, Engine >Reporter: Angela Schreiber >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.5.0 > > > The javadoc for {{HttpServletRequest.getUserPrincipal()}} states the > following for an unauthenticated request: > {quote} > If the user has not been authenticated, the method returns null. > {quote} > With the request implementation present with Sling this is {{true}} as long > as the property {{auth.annonymous}} is disabled in the {{Authenticator}}. > Allowing for anonymous access by default in the Sling {{Authenticator}} > however will change the behavior of this method to return a non-null > principal (by default: 'anonymous') > Surprisingly, {{HttpServletRequest.getAuthType()}} behaves as documented in > the Javadoc (basically stating the same) irrespective of the > {{auth.annonymous}} flag (i.e. always returning {{null}} for un-authenticated > access). > Without being too familiar with the internals of the {{HttpServletRequest}} > implementation in Sling I got the impression that the reason for this issue > is due to the behavior in the {{Authenticator}} and how the corresponding > properties (i.e. userprincipal and authtype) are passed to the request -> > setting components accordingly. Please adjust if needed. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-9622) Avoid registration of auth requirements for aliases and vanity paths
[ https://issues.apache.org/jira/browse/SLING-9622?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-9622. - Resolution: Fixed > Avoid registration of auth requirements for aliases and vanity paths > > > Key: SLING-9622 > URL: https://issues.apache.org/jira/browse/SLING-9622 > Project: Sling > Issue Type: Improvement > Components: Authentication >Reporter: Carsten Ziegeler >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.5.0 > > Time Spent: 1.5h > Remaining Estimate: 0h > > Right now when auth requirements are registered, they need to be registered > for the resource path, as well as all vanity paths and potentially all > combinations of aliases for that path. First of all, this creates potentially > a lot of auth requirements for a single path, but as well requires that the > registrar of the auth requirement to be aware of vanity paths and aliases and > do the right thing and update the auth requirements whenever there are > changes. > We should avoid these additional registrations and processing. > The SlingAuthenticator is currently checking the request path against the > auth requirements. We could change this with checking the resolved path. So > the authenticator could use a service user resolver and resolve the path and > then check the auth requirements. > This avoids all the extra work for the registrar of the auth requirements, > but comes with the additional cost of a resolve call per request -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-5448) AuthenticationInfoPostProcessor javadoc misleading
[ https://issues.apache.org/jira/browse/SLING-5448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-5448. - Resolution: Fixed Finally updated the javadoc as suggested > AuthenticationInfoPostProcessor javadoc misleading > -- > > Key: SLING-5448 > URL: https://issues.apache.org/jira/browse/SLING-5448 > Project: Sling > Issue Type: Bug > Components: Authentication >Affects Versions: Auth Core 1.3.12 >Reporter: Alexander Klimetschek >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.5.0 > > > Currently, the [AuthenticationInfoPostProcessor javadoc > says|https://github.com/apache/sling/blob/4bc090c5f8cb8ec8d6b1674176978e9a5feff503/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AuthenticationInfoPostProcessor.java#L25-L29]: > {quote} > Service interface which allows bundles to modify the AuthenticationInfo > object after authentication has been performed. > {quote} > But that's pretty misleading, as "after authentication" actually means "one > AuthenticationHandler has returned an AuthenticationInfo" object, but does > not include the resource provider creations (e.g. JCR repository login), > which are often understood as part of authentication too. > I suggest this instead: > {quote} > Service interface which allows bundles to modify the AuthenticationInfo > object right after one authentication handler has returned it from > extractCredentials() or for an anonymous AuthenticationInfo. It is called > before the resource resolver is created and any authentication in the > resource providers (such as JCR repository login) happens. > As such it is useful to intercept responses from other AuthenticationHandlers > and access or modify the AuthenticationInfo before they are actually used to > create the resource resolver. > {quote} -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: [VOTE] Release Apache Sling Scripting HTL JS Use Provider 1.2.4
+1 On Wed, Aug 5, 2020 at 5:32 AM Stefan Seifert wrote: > +1 > > >
[jira] [Commented] (SLING-9622) Avoid registration of auth requirements for aliases and vanity paths
[ https://issues.apache.org/jira/browse/SLING-9622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17171473#comment-17171473 ] Carsten Ziegeler commented on SLING-9622: - Created and merged PR https://github.com/apache/sling-org-apache-sling-auth-core/pull/4/ > Avoid registration of auth requirements for aliases and vanity paths > > > Key: SLING-9622 > URL: https://issues.apache.org/jira/browse/SLING-9622 > Project: Sling > Issue Type: Improvement > Components: Authentication >Reporter: Carsten Ziegeler >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.5.0 > > Time Spent: 1.5h > Remaining Estimate: 0h > > Right now when auth requirements are registered, they need to be registered > for the resource path, as well as all vanity paths and potentially all > combinations of aliases for that path. First of all, this creates potentially > a lot of auth requirements for a single path, but as well requires that the > registrar of the auth requirement to be aware of vanity paths and aliases and > do the right thing and update the auth requirements whenever there are > changes. > We should avoid these additional registrations and processing. > The SlingAuthenticator is currently checking the request path against the > auth requirements. We could change this with checking the resolved path. So > the authenticator could use a service user resolver and resolve the path and > then check the auth requirements. > This avoids all the extra work for the registrar of the auth requirements, > but comes with the additional cost of a resolve call per request -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [sling-org-apache-sling-auth-core] cziegeler merged pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
cziegeler merged pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-auth-core] sonarcloud[bot] commented on pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
sonarcloud[bot] commented on pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4#issuecomment-669166339 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) (and [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPO T) [0 Security Hotspots](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPOT) to review) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [5 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [83.1% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) The version of Java (1.8.0_252) you have used to run this analysis is deprecated and we will stop accepting it from October 2020. Please update to at least Java 11. Read more [here](https://sonarcloud.io/documentation/upcoming/) This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-auth-core] sonarcloud[bot] removed a comment on pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
sonarcloud[bot] removed a comment on pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4#issuecomment-669105847 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) (and [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPO T) [0 Security Hotspots](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPOT) to review) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [5 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [80.1% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) The version of Java (1.8.0_252) you have used to run this analysis is deprecated and we will stop accepting it from October 2020. Please update to at least Java 11. Read more [here](https://sonarcloud.io/documentation/upcoming/) This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-auth-core] cziegeler commented on pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
cziegeler commented on pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4#issuecomment-669164826 Thanks @anchela , I've created SLING-9631 and SLING-9632 for the unrelated changes and committed those changes separately. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Resolved] (SLING-9632) Migrate from PropertiesUtil to Converters
[ https://issues.apache.org/jira/browse/SLING-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-9632. - Resolution: Fixed https://github.com/apache/sling-org-apache-sling-auth-core/commit/f50b1f9828c9688e3d4ae4ea2cf67196ef372154 > Migrate from PropertiesUtil to Converters > - > > Key: SLING-9632 > URL: https://issues.apache.org/jira/browse/SLING-9632 > Project: Sling > Issue Type: Improvement > Components: Authentication >Reporter: Carsten Ziegeler >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.5.0 > > > We should migrate from Slings common osgi PropertiesUtil to the OSGi > Converter instead -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-9631) Avoid read/write lock when processing requests
[ https://issues.apache.org/jira/browse/SLING-9631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-9631. - Resolution: Fixed https://github.com/apache/sling-org-apache-sling-auth-core/commit/c91e17e25e5b511697e1d5cd19666ca9fd78b8a5 > Avoid read/write lock when processing requests > -- > > Key: SLING-9631 > URL: https://issues.apache.org/jira/browse/SLING-9631 > Project: Sling > Issue Type: Improvement > Components: Authentication >Reporter: Carsten Ziegeler >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.5.0 > > > The PathBasedHolderCache is using a read/write lock to synchronize changes > and read access (on every access). We can avoid that lock for reading by > switching to a concurrent map and just synchronize the writing -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-6955) Convert Sling website to JBake and gitpubsub
[ https://issues.apache.org/jira/browse/SLING-6955?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bertrand Delacretaz updated SLING-6955: --- Description: I've started experimenting with JBake to generate the Sling website. If that works well we might switch to that + gitpubsub to have a more flexible way to generate the site. My current experiment is at [https://github.com/bdelacretaz/sling-jbake], at this point the site starts looking like the current one and many pages work well. Update: it's now at [https://github.com/apache/sling-site|https://github.com/apache/sling-site] Internal links will need to be converted, all *.md files need a more complete "front matter" section, currently I have a stub for that, and I think images need to move under the assets folder. To play with that, generate the site with the bake.sh script (setup shamelessly copied from [https://github.com/apache/incubator-tamaya-site]) was: I've started experimenting with JBake to generate the Sling website. If that works well we might switch to that + gitpubsub to have a more flexible way to generate the site. My current experiment is at https://github.com/bdelacretaz/sling-jbake, at this point the site starts looking like the current one and many pages work well. _Update: it's now at https://github.com/apache/sling-site_ Internal links will need to be converted, all *.md files need a more complete "front matter" section, currently I have a stub for that, and I think images need to move under the assets folder. To play with that, generate the site with the bake.sh script (setup shamelessly copied from https://github.com/apache/incubator-tamaya-site) > Convert Sling website to JBake and gitpubsub > > > Key: SLING-6955 > URL: https://issues.apache.org/jira/browse/SLING-6955 > Project: Sling > Issue Type: Bug > Components: Site >Reporter: Bertrand Delacretaz >Assignee: Bertrand Delacretaz >Priority: Major > > I've started experimenting with JBake to generate the Sling website. If that > works well we might switch to that + gitpubsub to have a more flexible way to > generate the site. > My current experiment is at [https://github.com/bdelacretaz/sling-jbake], at > this point the site starts looking like the current one and many pages work > well. > Update: it's now at > [https://github.com/apache/sling-site|https://github.com/apache/sling-site] > Internal links will need to be converted, all *.md files need a more complete > "front matter" section, currently I have a stub for that, and I think images > need to move under the assets folder. > To play with that, generate the site with the bake.sh script (setup > shamelessly copied from [https://github.com/apache/incubator-tamaya-site]) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-6955) Convert Sling website to JBake and gitpubsub
[ https://issues.apache.org/jira/browse/SLING-6955?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bertrand Delacretaz updated SLING-6955: --- Description: I've started experimenting with JBake to generate the Sling website. If that works well we might switch to that + gitpubsub to have a more flexible way to generate the site. My current experiment is at https://github.com/bdelacretaz/sling-jbake, at this point the site starts looking like the current one and many pages work well. _Update: it's now at https://github.com/apache/sling-site_ Internal links will need to be converted, all *.md files need a more complete "front matter" section, currently I have a stub for that, and I think images need to move under the assets folder. To play with that, generate the site with the bake.sh script (setup shamelessly copied from https://github.com/apache/incubator-tamaya-site) was: I've started experimenting with JBake to generate the Sling website. If that works well we might switch to that + gitpubsub to have a more flexible way to generate the site. My current experiment is at https://github.com/bdelacretaz/sling-jbake, at this point the site starts looking like the current one and many pages work well. Update: it's now at https://github.com/apache/sling-site Internal links will need to be converted, all *.md files need a more complete "front matter" section, currently I have a stub for that, and I think images need to move under the assets folder. To play with that, generate the site with the bake.sh script (setup shamelessly copied from https://github.com/apache/incubator-tamaya-site) > Convert Sling website to JBake and gitpubsub > > > Key: SLING-6955 > URL: https://issues.apache.org/jira/browse/SLING-6955 > Project: Sling > Issue Type: Bug > Components: Site >Reporter: Bertrand Delacretaz >Assignee: Bertrand Delacretaz >Priority: Major > > I've started experimenting with JBake to generate the Sling website. If that > works well we might switch to that + gitpubsub to have a more flexible way to > generate the site. > My current experiment is at https://github.com/bdelacretaz/sling-jbake, at > this point the site starts looking like the current one and many pages work > well. > _Update: it's now at https://github.com/apache/sling-site_ > Internal links will need to be converted, all *.md files need a more complete > "front matter" section, currently I have a stub for that, and I think images > need to move under the assets folder. > To play with that, generate the site with the bake.sh script (setup > shamelessly copied from https://github.com/apache/incubator-tamaya-site) -- This message was sent by Atlassian Jira (v8.3.4#803005)
RE: [VOTE] Release Apache Sling JCR Base 3.1.4
+1 (sorry for the wrong mail von JCR base 3.1.2 - i validated 3.1.4) stefan
[GitHub] [sling-org-apache-sling-auth-core] cziegeler commented on pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
cziegeler commented on pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4#issuecomment-669108303 @anchela In theory adaptTo can return null - but the ResourceMapper is guaranteed to be there - so this will never return null. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-auth-core] sonarcloud[bot] commented on pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
sonarcloud[bot] commented on pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4#issuecomment-669105847 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) (and [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPO T) [0 Security Hotspots](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPOT) to review) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [5 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [80.1% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) The version of Java (1.8.0_252) you have used to run this analysis is deprecated and we will stop accepting it from October 2020. Please update to at least Java 11. Read more [here](https://sonarcloud.io/documentation/upcoming/) This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-auth-core] sonarcloud[bot] removed a comment on pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
sonarcloud[bot] removed a comment on pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4#issuecomment-669099203 SonarCloud Quality Gate failed. [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [2 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) (and [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPO T) [0 Security Hotspots](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPOT) to review) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [12 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [80.1% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) The version of Java (1.8.0_252) you have used to run this analysis is deprecated and we will stop accepting it from October 2020. Please update to at least Java 11. Read more [here](https://sonarcloud.io/documentation/upcoming/) This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-auth-core] cziegeler commented on pull request #1: Strings and Boxed types should be compared using "equals()"
cziegeler commented on pull request #1: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/1#issuecomment-669101239 Thanks for the PR - the current code looks strange, however with the suggest PR a NPE might occur as sudo might be null. The current boolean is taking this into account. I think a much better way would be to remove that boolean and the setCookie check and adjust the following if blocks This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-auth-core] sonarcloud[bot] commented on pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
sonarcloud[bot] commented on pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4#issuecomment-669099203 SonarCloud Quality Gate failed. [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [2 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=VULNERABILITY) (and [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPO T) [0 Security Hotspots](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=SECURITY_HOTSPOT) to review) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [12 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [80.1% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-auth-core&pullRequest=4&metric=new_duplicated_lines_density&view=list) The version of Java (1.8.0_252) you have used to run this analysis is deprecated and we will stop accepting it from October 2020. Please update to at least Java 11. Read more [here](https://sonarcloud.io/documentation/upcoming/) This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-auth-core] cziegeler opened a new pull request #4: SLING-9622 : Avoid registration of auth requirements for aliases and vanity paths
cziegeler opened a new pull request #4: URL: https://github.com/apache/sling-org-apache-sling-auth-core/pull/4 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: Please welcome Henry Saginor, Sling committer
Welcome Henry ! Le mer. 5 août 2020 à 10:47, Bertrand Delacretaz a écrit : > On Wed, Aug 5, 2020 at 10:33 AM Robert Munteanu > wrote: > > ..Please join me in welcoming Henry!.. > > Welcome Henry, glad to have you on board! > > -Bertrand (who has a number of Henri in his family ;-) >
RE: [VOTE] Release Apache Sling Scripting HTL JS Use Provider 1.2.4
+1
RE: [VOTE] Release Apache Sling JCR Base 3.1.2
+1
[jira] [Created] (SLING-9632) Migrate from PropertiesUtil to Converters
Carsten Ziegeler created SLING-9632: --- Summary: Migrate from PropertiesUtil to Converters Key: SLING-9632 URL: https://issues.apache.org/jira/browse/SLING-9632 Project: Sling Issue Type: Improvement Components: Authentication Reporter: Carsten Ziegeler Assignee: Carsten Ziegeler Fix For: Auth Core 1.4.10 We should migrate from Slings common osgi PropertiesUtil to the OSGi Converter instead -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9631) Avoid read/write lock when processing requests
Carsten Ziegeler created SLING-9631: --- Summary: Avoid read/write lock when processing requests Key: SLING-9631 URL: https://issues.apache.org/jira/browse/SLING-9631 Project: Sling Issue Type: Improvement Components: Authentication Reporter: Carsten Ziegeler Assignee: Carsten Ziegeler Fix For: Auth Core 1.4.10 The PathBasedHolderCache is using a read/write lock to synchronize changes and read access (on every access). We can avoid that lock for reading by switching to a concurrent map and just synchronize the writing -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Please welcome Henry Saginor, Sling committer
On Wed, Aug 5, 2020 at 10:33 AM Robert Munteanu wrote: > ..Please join me in welcoming Henry!.. Welcome Henry, glad to have you on board! -Bertrand (who has a number of Henri in his family ;-)
[jira] [Updated] (SLING-5448) AuthenticationInfoPostProcessor javadoc misleading
[ https://issues.apache.org/jira/browse/SLING-5448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-5448: Fix Version/s: Auth Core 1.4.10 > AuthenticationInfoPostProcessor javadoc misleading > -- > > Key: SLING-5448 > URL: https://issues.apache.org/jira/browse/SLING-5448 > Project: Sling > Issue Type: Bug > Components: Authentication >Affects Versions: Auth Core 1.3.12 >Reporter: Alexander Klimetschek >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.4.10 > > > Currently, the [AuthenticationInfoPostProcessor javadoc > says|https://github.com/apache/sling/blob/4bc090c5f8cb8ec8d6b1674176978e9a5feff503/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AuthenticationInfoPostProcessor.java#L25-L29]: > {quote} > Service interface which allows bundles to modify the AuthenticationInfo > object after authentication has been performed. > {quote} > But that's pretty misleading, as "after authentication" actually means "one > AuthenticationHandler has returned an AuthenticationInfo" object, but does > not include the resource provider creations (e.g. JCR repository login), > which are often understood as part of authentication too. > I suggest this instead: > {quote} > Service interface which allows bundles to modify the AuthenticationInfo > object right after one authentication handler has returned it from > extractCredentials() or for an anonymous AuthenticationInfo. It is called > before the resource resolver is created and any authentication in the > resource providers (such as JCR repository login) happens. > As such it is useful to intercept responses from other AuthenticationHandlers > and access or modify the AuthenticationInfo before they are actually used to > create the resource resolver. > {quote} -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SLING-4960) Add more logging to SlingAuthenticator
[ https://issues.apache.org/jira/browse/SLING-4960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-4960. - Resolution: Incomplete > Add more logging to SlingAuthenticator > -- > > Key: SLING-4960 > URL: https://issues.apache.org/jira/browse/SLING-4960 > Project: Sling > Issue Type: Improvement > Components: Authentication >Affects Versions: Auth Core 1.3.6 >Reporter: Feike Visser >Priority: Trivial > > I faced some troubleshooting issues with the 'SlingAuthenticator'. > Due to almost no debug-logging it was quite hard to get this resolved. > This ticket is to add more debug-logging, to make it easier to track issues. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (SLING-5448) AuthenticationInfoPostProcessor javadoc misleading
[ https://issues.apache.org/jira/browse/SLING-5448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler reassigned SLING-5448: --- Assignee: Carsten Ziegeler > AuthenticationInfoPostProcessor javadoc misleading > -- > > Key: SLING-5448 > URL: https://issues.apache.org/jira/browse/SLING-5448 > Project: Sling > Issue Type: Bug > Components: Authentication >Affects Versions: Auth Core 1.3.12 >Reporter: Alexander Klimetschek >Assignee: Carsten Ziegeler >Priority: Major > > Currently, the [AuthenticationInfoPostProcessor javadoc > says|https://github.com/apache/sling/blob/4bc090c5f8cb8ec8d6b1674176978e9a5feff503/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AuthenticationInfoPostProcessor.java#L25-L29]: > {quote} > Service interface which allows bundles to modify the AuthenticationInfo > object after authentication has been performed. > {quote} > But that's pretty misleading, as "after authentication" actually means "one > AuthenticationHandler has returned an AuthenticationInfo" object, but does > not include the resource provider creations (e.g. JCR repository login), > which are often understood as part of authentication too. > I suggest this instead: > {quote} > Service interface which allows bundles to modify the AuthenticationInfo > object right after one authentication handler has returned it from > extractCredentials() or for an anonymous AuthenticationInfo. It is called > before the resource resolver is created and any authentication in the > resource providers (such as JCR repository login) happens. > As such it is useful to intercept responses from other AuthenticationHandlers > and access or modify the AuthenticationInfo before they are actually used to > create the resource resolver. > {quote} -- This message was sent by Atlassian Jira (v8.3.4#803005)
Please welcome Henry Saginor, Sling committer
Hi Sling community, Based on his ongoing and valuable contributions to the project, the Sling PMC has elected Henry Saginor as a Sling committer, and he has accepted the invitation. Please join me in welcoming Henry! Henry - if you want to honor the old tradition of new committers briefly introducing themselves to the list, feel free. Welcome! Robert
[jira] [Updated] (SLING-5483) Unauthenticated request: getUserPrincipal() doesn't return null for auth.annonymous=true
[ https://issues.apache.org/jira/browse/SLING-5483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-5483: Fix Version/s: Auth Core 1.4.10 > Unauthenticated request: getUserPrincipal() doesn't return null for > auth.annonymous=true > > > Key: SLING-5483 > URL: https://issues.apache.org/jira/browse/SLING-5483 > Project: Sling > Issue Type: Bug > Components: Authentication, Engine >Reporter: Angela Schreiber >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.4.10 > > > The javadoc for {{HttpServletRequest.getUserPrincipal()}} states the > following for an unauthenticated request: > {quote} > If the user has not been authenticated, the method returns null. > {quote} > With the request implementation present with Sling this is {{true}} as long > as the property {{auth.annonymous}} is disabled in the {{Authenticator}}. > Allowing for anonymous access by default in the Sling {{Authenticator}} > however will change the behavior of this method to return a non-null > principal (by default: 'anonymous') > Surprisingly, {{HttpServletRequest.getAuthType()}} behaves as documented in > the Javadoc (basically stating the same) irrespective of the > {{auth.annonymous}} flag (i.e. always returning {{null}} for un-authenticated > access). > Without being too familiar with the internals of the {{HttpServletRequest}} > implementation in Sling I got the impression that the reason for this issue > is due to the behavior in the {{Authenticator}} and how the corresponding > properties (i.e. userprincipal and authtype) are passed to the request -> > setting components accordingly. Please adjust if needed. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (SLING-5483) Unauthenticated request: getUserPrincipal() doesn't return null for auth.annonymous=true
[ https://issues.apache.org/jira/browse/SLING-5483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler reassigned SLING-5483: --- Assignee: Carsten Ziegeler > Unauthenticated request: getUserPrincipal() doesn't return null for > auth.annonymous=true > > > Key: SLING-5483 > URL: https://issues.apache.org/jira/browse/SLING-5483 > Project: Sling > Issue Type: Bug > Components: Authentication, Engine >Reporter: Angela Schreiber >Assignee: Carsten Ziegeler >Priority: Major > > The javadoc for {{HttpServletRequest.getUserPrincipal()}} states the > following for an unauthenticated request: > {quote} > If the user has not been authenticated, the method returns null. > {quote} > With the request implementation present with Sling this is {{true}} as long > as the property {{auth.annonymous}} is disabled in the {{Authenticator}}. > Allowing for anonymous access by default in the Sling {{Authenticator}} > however will change the behavior of this method to return a non-null > principal (by default: 'anonymous') > Surprisingly, {{HttpServletRequest.getAuthType()}} behaves as documented in > the Javadoc (basically stating the same) irrespective of the > {{auth.annonymous}} flag (i.e. always returning {{null}} for un-authenticated > access). > Without being too familiar with the internals of the {{HttpServletRequest}} > implementation in Sling I got the impression that the reason for this issue > is due to the behavior in the {{Authenticator}} and how the corresponding > properties (i.e. userprincipal and authtype) are passed to the request -> > setting components accordingly. Please adjust if needed. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (SLING-9529) Update auth core to parent pom 39 or newer
[ https://issues.apache.org/jira/browse/SLING-9529?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler reassigned SLING-9529: --- Assignee: Carsten Ziegeler > Update auth core to parent pom 39 or newer > -- > > Key: SLING-9529 > URL: https://issues.apache.org/jira/browse/SLING-9529 > Project: Sling > Issue Type: Sub-task > Components: Authentication >Reporter: Robert Munteanu >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.4.10 > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-9622) Avoid registration of auth requirements for aliases and vanity paths
[ https://issues.apache.org/jira/browse/SLING-9622?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-9622: Fix Version/s: Auth Core 1.4.10 > Avoid registration of auth requirements for aliases and vanity paths > > > Key: SLING-9622 > URL: https://issues.apache.org/jira/browse/SLING-9622 > Project: Sling > Issue Type: Improvement > Components: Authentication >Reporter: Carsten Ziegeler >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Auth Core 1.4.10 > > > Right now when auth requirements are registered, they need to be registered > for the resource path, as well as all vanity paths and potentially all > combinations of aliases for that path. First of all, this creates potentially > a lot of auth requirements for a single path, but as well requires that the > registrar of the auth requirement to be aware of vanity paths and aliases and > do the right thing and update the auth requirements whenever there are > changes. > We should avoid these additional registrations and processing. > The SlingAuthenticator is currently checking the request path against the > auth requirements. We could change this with checking the resolved path. So > the authenticator could use a service user resolver and resolve the path and > then check the auth requirements. > This avoids all the extra work for the registrar of the auth requirements, > but comes with the additional cost of a resolve call per request -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SLING-2723) Add listChildren(Filter filter) to Resource
[ https://issues.apache.org/jira/browse/SLING-2723?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-2723: Component/s: (was: Commons) API > Add listChildren(Filter filter) to Resource > - > > Key: SLING-2723 > URL: https://issues.apache.org/jira/browse/SLING-2723 > Project: Sling > Issue Type: Improvement > Components: API >Affects Versions: API 2.3.0 >Reporter: Feike Visser >Priority: Minor > > Currently there is Resource.listChildren(), this will return all the children > of this resource. > This improvement is to add a listChildren(Filter filter) method > where you can specify a specific filter to limit the result, so you don't > have to code a loop yourself. > An example can found in the Page-interface. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [sling-org-apache-sling-dynamic-include] rombert commented on pull request #13: SLING-9045 - Rebase of PR #1 - Adding option to disable URL params check
rombert commented on pull request #13: URL: https://github.com/apache/sling-org-apache-sling-dynamic-include/pull/13#issuecomment-669045767 @geetika95 - please file a bug report on the Sling issue tracker about this, with steps to reproduce. Thanks! This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Resolved] (SLING-9630) Mark conversion methods as deprecated
[ https://issues.apache.org/jira/browse/SLING-9630?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-9630. - Assignee: Carsten Ziegeler Resolution: Fixed Added deprecation markers and updated to latest parent pom https://github.com/apache/sling-org-apache-sling-commons-osgi/commit/5bca393f86ea2447a5885578dda9d3923031a013 > Mark conversion methods as deprecated > - > > Key: SLING-9630 > URL: https://issues.apache.org/jira/browse/SLING-9630 > Project: Sling > Issue Type: Improvement > Components: Commons >Reporter: Carsten Ziegeler >Assignee: Carsten Ziegeler >Priority: Major > Fix For: Commons OSGi 2.4.2 > > > The conversion methods in PropertiesUtil were invented before Declarative > Services had component property types and before the OSGi Converter. With > that tools, the PropertiesUtil is not needed anymore and should be replaced > Therefore we should mark this api as deprecated -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SLING-9630) Mark conversion methods as deprecated
Carsten Ziegeler created SLING-9630: --- Summary: Mark conversion methods as deprecated Key: SLING-9630 URL: https://issues.apache.org/jira/browse/SLING-9630 Project: Sling Issue Type: Improvement Components: Commons Reporter: Carsten Ziegeler Fix For: Commons OSGi 2.4.2 The conversion methods in PropertiesUtil were invented before Declarative Services had component property types and before the OSGi Converter. With that tools, the PropertiesUtil is not needed anymore and should be replaced Therefore we should mark this api as deprecated -- This message was sent by Atlassian Jira (v8.3.4#803005)