Uploaded image for project: 'Hippo Site Toolkit 2'
  1. Hippo Site Toolkit 2
  2. HSTTWO-3794

For CMS Preview and PageComposer use a dedicated CmsSessionContext object to share state with the HST web application(s)

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.0.2
    • Component/s: None
    • Labels:
      None
    • Similar issues:
    • Processed by team:
      Platform
    • Sprint:
      Platform Sprint 138

      Description

      This concerrns the HST side of the implementation of CMS-10424.

      In addition to using the new CmsContextService and CmsSessionContext to coordinate with the CMS session state,
      this will also deprecate the usage of the following org.hippoecm.hst.core.container.ContainerConstants:

      • CMS_SSO_REPO_CREDS_ATTR_NAME
      • (Boolean) CMS_SSO_AUTHENTICATED
      • CMS_USER_ID_ATTR

      These session attributes are replaced by the new request attributes (set upon each authorized CMS request):

      • CMS_REQUEST_REPO_CREDS_ATTR
      • CMS_REQUEST_USER_ID_ATTR

      To determine if a HST HttpSession is authorized to process a CMS request, instead of checking the CMS_SSO_AUTHENTICATED session attribute, use:

      CmsRequestContext.getContext(HttpSession) != null
      

      The deprecated session attributes are still set to retrain backwards compatibility but no longer used internally.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                adouma Ate Douma
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: