Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
None
-
None
Description
I've noticed while testing the new 1.3.6 release that a warning is logged when starting up the Launchpad:
30.01.2017 18:14:04.829 *WARN* [Apache Sling Repository Startup Thread] org.apache.jackrabbit.server.remoting.davex.ProtectedRemoveManager protectedhandlers-config is missing -> DIFF processing can fail for the Remove operation if the content toremove is protected!
Tracing back the code, I see that the service registration parameters are properly added in SlingDavExServlet.activate:
initProps = {servlet.init.csrf-protection=disabled, servlet.init.resource-path-prefix=/crx/server, service.vendor=The Apache Software Foundation, sling.auth.requirements=-/crx/server, protectedhandlers-config=org.apache.jackrabbit.server.remoting.davex.AclRemoveHandler, osgi.http.whiteboard.servlet.pattern=/crx/server/*, servlet.init.createAbsoluteURI=true, service.description=Sling JcrRemoting Servlet, osgi.http.whiteboard.context.select=(osgi.http.whiteboard.context.name=DavExAuthHttpContext)}
but they are not propagated to JcrRemotingServlet.init
config = org.apache.felix.http.base.internal.handler.ServletConfigImpl@3a275518
{
context = org.apache.felix.http.base.internal.whiteboard.PerBundleServletContextImpl@1107e18,
initParams = {csrf-protection=disabled, createAbsoluteURI=true, resource-path-prefix=/crx/server}
name = org.apache.sling.jcr.davex.impl.servlets.SlingDavExServlet
}
This reverting the fix for SLING-6378 solves the issue, but I'd like to not revert that and instead find the root cause.