Image: neba Model Registry Menu
Image: Error Screen
NOTE: Neba team has already fixed it on their development branch and we don’t need to explicitly add whitelisting configuration for neba bundle.
Here is the reason for the error
Originally the ResourceResolverFactory.getAdministrativeResourceResolver and SlingRepository.loginAdministrative methods have been defined to provide access to the resource tree and JCR Repository. These methods proved to be inappropriate because they allow for much too broad access.
Consequently, these methods are being deprecated and will be removed in future releases of the service implementations.
The following methods are deprecated:
- ResourceResolverFactory.getAdministrativeResourceResolver
- ResourceProviderFactory.getAdministrativeResourceProvider
- SlingRepository.loginAdministrative
Whitelisting bundles for administrative login
In order to be able to manage a few (hopefully legit) uses of the above-deprecated methods, a whitelisting mechanism was introduced with SLING-5153 (JCR Base 2.4.2).
The recommended way to whitelist a bundle for administrative login is via a whitelist fragment configuration. It can be created as an OSGi factory configuration with the factoryPID org.apache.sling.jcr.base.internal.LoginAdminWhitelist.fragment.
E.g. a typical configuration file might be called org.apache.sling.jcr.base.internal.LoginAdminWhitelist.fragment-myapp.config and could look as follows:
whitelist.name="myapp"
whitelist.bundles=[
"com.myapp.core",
"com.myapp.commons"
]
In general, try to avoid using administrative login if you are writing code in your bundle but, let’s say you are using some third-party bundle then in that case you can add a configuration to get it working as explained above.
In order to be able to manage a few (hopefully legit) uses of the above-deprecated methods, a whitelisting mechanism was introduced with SLING-5153 (JCR Base 2.4.2).
The recommended way to whitelist a bundle for administrative login is via a whitelist fragment configuration. It can be created as an OSGi factory configuration with the factoryPID org.apache.sling.jcr.base.internal.LoginAdminWhitelist.fragment.
E.g. a typical configuration file might be called org.apache.sling.jcr.base.internal.LoginAdminWhitelist.fragment-myapp.config and could look as follows:
whitelist.name="myapp"
whitelist.bundles=[
"com.myapp.core",
"com.myapp.commons"
]
In general, try to avoid using administrative login if you are writing code in your bundle but, let’s say you are using some third-party bundle then in that case you can add a configuration to get it working as explained above.
No comments:
Post a Comment
If you have any doubts or questions, please let us know.