Hi Aryan
All of them serve the same purpose but obviously differ in how and when to use. I will try to explain though
Resource Resolver Via
1) Administrative Null - DEPRECATED
From your code; Line 77 resourceResolverFactory.getAdministrativeResourceResolver(null); This was the old way of accessing the repository via code. When we used to code back in those days, even if the user had restricted access to the content, with this code , from back-end we used to gain full access to the repository. So you can obviously understand the security loophole it had. Because of such security issues , this was deprecated . So should not be used anymore . See the doc here
2) Service User
To address all the security issues caused by accessing the Resource Resolver via getAdministrativeResourceResolver(null) ; this new method was introduced, which mandates you to have a dedicated user ( Should be a SYSTEM USER) with restricted permissions. Using
getServiceResourceResolver(Map<String,Object> authenticationInfo)
method ; you can get the resourceResolver only if the user has the privilege to access the content you are trying to access via backend. If the user doesn't have the required privilege , it will return null. Please find the official doc here
3) From Request
As ravi mentioned , it is specific to the current request. The resolver resolver out of this way will have the permissions as same as the user requesting this. A little explanation on getting resourceResolver via request from the web is found here
Hope this helps. Let me know if you are still unclear. If there is any discrepancies in my response , please feel free to correct me 🙂 .
Thanks
Veena
