[HSTTWO-3810] [backport 7.9] For CMS Preview and PageComposer use a dedicated CmsSessionContext object to share state with the HST web application(s) - Issues

XML

Word

Printable

Details

Type: New Feature
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.28.16
Component/s: None
Labels:
None

Sprint:
Platform Sprint 138, Platform Sprint 140

Description

This concerrns the HST side of the implementation of ~~CMS-10424~~.

In addition to using the new CmsContextService and CmsSessionContext to coordinate with the CMS session state,
this will also deprecate the usage of the following org.hippoecm.hst.core.container.ContainerConstants:

CMS_SSO_REPO_CREDS_ATTR_NAME
(Boolean) CMS_SSO_AUTHENTICATED
CMS_USER_ID_ATTR

These session attributes are replaced by the new request attributes (set upon each authorized CMS request):

CMS_REQUEST_REPO_CREDS_ATTR
CMS_REQUEST_USER_ID_ATTR

To determine if a HST HttpSession is authorized to process a CMS request, instead of checking the CMS_SSO_AUTHENTICATED session attribute, use:

CmsRequestContext.getContext(HttpSession) != null

The deprecated session attributes are still set to retrain backwards compatibility but no longer used internally.

Attachments

Issue Links

is a backport of

HSTTWO-3794 For CMS Preview and PageComposer use a dedicated CmsSessionContext object to share state with the HST web application(s)

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Junaidh Kadhar Sheriff

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 26/Sep/16 12:40 PM

Updated:: 03/Oct/16 3:05 PM

Resolved:: 03/Oct/16 3:05 PM