Adobe Experience Manager Sites & More

samuel786431 · 2/11/15

Hi,

There are two methods to get the session:

session= this.repository.loginAdministrative(null); session = resourceResolver.adaptTo(Session.class);

With the first approach i need an explicit session.logout() and with the second the logout is managed automatically by sling, right?

Thanks

edubey · 3/11/15

okay, you can use

session.logout();

to close the session

Ver la solución en mensaje original publicado

Lokesh_Shivalingaiah · 2/11/15

but you need to close your resolver which will take care of it.

edubey · 2/11/15

Hi,

You are right, but If you are going to use loginAdministrative(), I would recommend not to use it, It has been deprecated. Although it is still available to support existing applications.

Take a look

@ http://sling.apache.org/documentation/the-sling-engine/service-authentication.html

@ http://sling.apache.org/documentation/tutorials-how-tos/getting-resources-and-properties-in-sling.ht...

kautuk_sahni · 3/11/15

Hi

As mentioned by Praveen, "session= this.repository.loginAdministrative(null);" has been depricated.

Link:- https://docs.adobe.com/docs/en/aem/6-0/develop/ref/javadoc/org/apache/sling/jcr/api/SlingRepository....

and another good article to read

Link:- http://www.wemblog.com/2014/08/how-to-use-sessions-and-resource.html

I hope this would act as some help to you.

Thanks and Regards

Kautuk Sahni

samuel786431 · 3/11/15

I'm tryng to use:

session = resourceResolver.adaptTo(Session.class);

but the reference of resourceResolver is null inside my bundle

i can recovery the session only by:

session=resolverFactory.getAdministrativeResourceResolver(null).adaptTo(Session.class);

Is it correct?

edubey · 3/11/15

If you have request object you can get it this way

ResourceResolver resourceResolver = request.getResourceResolver(); Session session = resourceResolver.adaptTo(Session.class);

Lokesh_Shivalingaiah · 3/11/15

as @edubey mentioned, get the resourceResolver from the request and then adapTo session

or you can use whatever you have mentioned. Even thats correct

samuel786431 · 3/11/15

I don't have a servlet or a jsp is a simple java class so i can't use the request.

With the deprecated method i don't have problem, with resolverFactory.getAdministrativeResourceResolver(null).adaptTo(Session.class) i have a lot of session unclosed

edubey · 3/11/15

okay, you can use

session.logout();

to close the session

samuel786431 · 3/11/15

So doesn't exist a method without the need of logout?

The approach with the resource resolver doesn't need a try/catch and i think it is the right way but why my reference is null?

Opkar_Gill · 3/11/15

Hi,

To replace loginAdministrative, you need to use Service Based Authentication [1]. The idea is to move away from creating a session which has full access to the whole repository and instead for you to think about what permissions are really required, so you create service users for specific tasks.Examples here [2][3][4] When using the ResourceResolver, you would call close() on that object.

This is an older article which talks about your responsibility when opening sessions or a resourceresolver. Ignore the talk of loginadministrative 🙂

Regards,

Opkar

[1] http://sling.apache.org/documentation/the-sling-engine/service-authentication.html

[2] http://www.wemblog.com/2014/08/how-to-use-sessions-and-resource.html

[3] http://www.tothenew.com/blog/access-content-repository-via-getserviceresourceresolver-in-aem6sling7/

[4] https://cqdump.wordpress.com/2014/06/23/aem-6-0-admin-sessions/

[5] https://cqdump.wordpress.com/2013/07/23/cq-development-patterns-sling-resourceresolver-and-jcr-sessi...