it says that the prefered way to get a resource resolver is no longer the service users but the following:
3-Pass a serialization of the Subject in the event payload, and create a ResourceResolver based on that subject. One example would be using the JAAS doAsPrivileged in the ResourceResolverFactory.
Advantages: Clean implementation from a security standpoint. It avoids re-authentication and it operates with the original privileges. Security relevant code is transparent to the consumer of the event.
Disatvantages: Needs refactoring. The fact that the security relevant code transparent to the consumer of the event might also lead to problems.
But the question is how to get the Subject in a OSGI service that implements ResourceChangeListener to be able to serialize it and then passe it to the JobConsumer??
Can somebody post some quick example of how to get the subject/context?