I want to define an abstract service that subclasses can extend. In the abstract service I want to define a getResourceResolver() method that gets a resource resolver authenticated with the current user.
How can I pass the current user's credentials to ResourceResolverFactory.getResourceResolver considering that I don't have access to the request object in the service?
Also currently I am acquiring a Session like this:
protected ResourceResolver getResourceResolver() { try { return resolverFactory.getAdministrativeResourceResolver(null); } catch (LoginException le) { log.error("Could not get administrative resource resolver", le); throw new RuntimeException(le); } } protected Session getSession() { return getResourceResolver().adaptTo(Session.class); }
However this sometimes leads to the following exception:
RepositoryException: This session has been closed. See the chained exception for a trace of where the session was closed. at org.apache.jackrabbit.core.session.SessionState.checkAlive(SessionState.java:150) at org.apache.jackrabbit.core.session.SessionState.perform(SessionState.java:200) at org.apache.jackrabbit.core.ItemImpl.perform(ItemImpl.java:91) at org.apache.jackrabbit.core.ItemImpl.remove(ItemImpl.java:322)
How can I reopen the session when it is closed?
protected Session getSession() { Session session = getResourceResolver().adaptTo(Session.class); if (!session.isLive()) { // ??? } }
Thanks.
Solved! Go to Solution.
Views
Replies
Total Likes
Hi,
when you want to execute some activities in the context of the current user, you should use the resourceresolver of the request. Because when you have a "user" information, it should be easy to pass the resourceResolver as well.
To your questions:
1) That depends. If "jcr:lastModifiedBy" is not updated or created, the original username remains (or there is no name at all).
2) Not at all.
(Well, if you don't require a resourceResolver, but only a JCR session, you could use the session.impersonate() method.)
Jörg
Views
Replies
Total Likes
Hi,
Instead of creating a service why not create an adapter factory? You could adapt the resource resolver from the request to your class(es) and then you would have access to the actual user's session and you would not need to acquire an additional session.
See [0] for how to build an adapter factory, the docs are here [1]
Will
[0] http://www.wemblog.com/2013/07/how-to-use-adapters-in-adobe-cq-aem.html
[1] https://sling.apache.org/documentation/the-sling-engine/adapters.html
Views
Replies
Total Likes
To answer your question, according to me
SimpleCredentials credential = new SimpleCredentials("your_username", "your_password".toCharArray()); session = repository.login(credential, "crx.default");
Views
Replies
Total Likes
Hi Will,
Thanks for your reply but I am afraid that doesn't answer my question. Maybe my question is not clear enough. Let me rephrase.
There are some articles (for example Getting Resources and Properties in Sling) about how one can access resources, etc. in Sling. However, for example in the given article, access to JCR is done through an administrative resource resolver.
Now I have two questions about this:
Thanks.
Views
Replies
Total Likes
Hi,
when you want to execute some activities in the context of the current user, you should use the resourceresolver of the request. Because when you have a "user" information, it should be easy to pass the resourceResolver as well.
To your questions:
1) That depends. If "jcr:lastModifiedBy" is not updated or created, the original username remains (or there is no name at all).
2) Not at all.
(Well, if you don't require a resourceResolver, but only a JCR session, you could use the session.impersonate() method.)
Jörg
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies