[MAGNOLIA-1292] "anonymous" user is not logged in by default on public instance Created: 04/Jan/07 Updated: 23/Jan/13 Resolved: 19/Apr/07 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | core |
| Affects Version/s: | 3.0.1 |
| Fix Version/s: | 3.1 M1 |
| Type: | Bug | Priority: | Critical |
| Reporter: | Robert Gacki | Assignee: | Sameer Charles |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
+ JDK 5.0_10 |
||
| Issue Links: |
|
||||||||||||||||
| Template: |
|
||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||||||||||
| Date of First Response: | |||||||||||||||||
| Description |
|
There is no user logged into the Magnolia system on the public instance by default. Both methods return null by default: My proposal: |
| Comments |
| Comment by Philipp Bracher [ 09/Jan/07 ] |
|
Please try MgnlContext.getUser() instead. |
| Comment by Sameer Charles [ 17/Jan/07 ] |
|
If you are logged in as any user on public all permissions are taken care of as expected. but if its open (not restricted) "no user" is logged-in not even anonymous. Main reason I am reluctant to implement this is the performance, currently on public instance there are no http sessions kept so we have to force JAAS authorization for each request which involves reading/loading ACL, creating subjects and associated principles. |
| Comment by Sameer Charles [ 18/Jan/07 ] |
|
will be fixed for 3.1 since this fix requires changes in multiple places and we cannot risk 3.0.x stability |
| Comment by Sameer Charles [ 19/Apr/07 ] |
|
on svn. will be refactored together with |