XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: Major Major
    • 0.5
    • 0.4
    • None
    • None

      The DNA JCR security approach is JAAS-based and relies on the ability to pass a LoginContext, AccessControlContext, or SimpleCredentials (which are used internally to create a LoginContext) to the ExecutionContext. The Servlet specification does not expose any of these. The REST server is mandatorily limited to what the Servlet specification provides. There needs to be some sort of integration between the Servlet-based REST code and JAAS-based DNA implementation to allow authorization and access to JCR resources to occur based on web credentials.

        1. DNA-440_refactor_existing.patch
          82 kB
          Brian Carothers
        2. DNA-440_rest_changes.patch
          31 kB
          Brian Carothers

              bcarothers_jira Brian Carothers (Inactive)
              bcarothers_jira Brian Carothers (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: