jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maxim <maxi...@anahoret.com>
Subject User permissions in JCR
Date Wed, 01 Jun 2005 13:37:54 GMT
Hello jackrabbit-dev.

It looks like my previous post was missed,
so I will try to ask my question again.

In Jackrabbit current implementation of access permissions
(org.apache.jackrabbit.core.security) it is only possible to have "all
permissions" (superuser) or "read-only" (anonymous) session.

Is it planned to add more flexible permission system to Jackrabbit, so
it will be possible to have different permissions for different nodes,
for the single session.

Another JCR question is not Jackrabbit specific. Consider an
application which uses some JCR implementation and this application
requires setting permissions for nodes on behalf of its users. As
there is no API to set user permissions for nodes specified in JCR,
which API should be used in such application?

If, as JCR states, permission system is left up to implementation,
then is such application forced to used some proprietary API to set
permissions? Doesn't this compromise entirely a concept of "switching
repository implementations" and avoiding vendor lock-in?

Any comments on these two questions will be highly appreciated.

Thank you.

Best regards, Maxim.
Anahoret Team.

View raw message