Hi, We have to following piece of functionality:
... final Session adminSession = adminResourceResolver.adaptTo(Session.class); Session userSession = adminSession.impersonate(new SimpleCredentials(userID, "".toCharArray())); ... Where the adminResourceResolver used to be retrieved via getAdministrativeResourceResolver, but as this method is deprecated, we wanted to use the getServiceResourceResolver method. The problem is that the impersonate line, now throws an exception: "javax.jcr.LoginException: Impersonation not allowed". The documentation states that it is possible to add USER_IMPERSONATION to the authenticationInfo map parameter of the method. But also "The property is obeyed but requires that the actual user has permission to impersonate as the requested user. If such permission is missing, a LoginException is thrown." So my question to you guys is: do we need to add USER_IMPERSONATION to the authinfo map and which extra -minimal- permissions does the user need to able to make the impersonation work? Thanks for the help!
