Return-Path: Delivered-To: apmail-incubator-jackrabbit-dev-archive@www.apache.org Received: (qmail 51208 invoked from network); 13 Oct 2005 10:40:29 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 13 Oct 2005 10:40:29 -0000 Received: (qmail 45542 invoked by uid 500); 13 Oct 2005 10:40:27 -0000 Mailing-List: contact jackrabbit-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jackrabbit-dev@incubator.apache.org Delivered-To: mailing list jackrabbit-dev@incubator.apache.org Received: (qmail 45531 invoked by uid 99); 13 Oct 2005 10:40:27 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 13 Oct 2005 03:40:27 -0700 Received-SPF: pass (asf.osuosl.org: domain of david.nuescheler@gmail.com designates 72.14.204.207 as permitted sender) Received: from [72.14.204.207] (HELO qproxy.gmail.com) (72.14.204.207) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 13 Oct 2005 03:40:29 -0700 Received: by qproxy.gmail.com with SMTP id u24so50889qbh for ; Thu, 13 Oct 2005 03:40:06 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=b1iV32PeEcdfnlaO4KGX47yJ4n2huMQwNstERn3DasXh3DTk5hBY2EYDdS/eDL9zdP/jqmVa9tJ4n0X/+OBp+mDdv+O6jdm5cMWcs8WEtY95KI79Sqw452n1+SicFVYfzQwxNu+4oBCrO6FyvrSm7XIyp6S6g08fx41KLMYVj64= Received: by 10.64.251.6 with SMTP id y6mr972414qbh; Thu, 13 Oct 2005 03:40:06 -0700 (PDT) Received: by 10.64.208.8 with HTTP; Thu, 13 Oct 2005 03:40:06 -0700 (PDT) Message-ID: Date: Thu, 13 Oct 2005 12:40:06 +0200 From: David Nuescheler Reply-To: david.nuescheler@day.com To: jackrabbit-dev@incubator.apache.org Subject: Re: Confused about checking permissions In-Reply-To: <8fa1023f0510130330q540b3f73x1347a615b71a1506@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <8fa1023f0510130322t7b8d71d4uc94566a5189d0d4e@mail.gmail.com> <90a8d1c00510130328u305aaae9hf2efa81c17d88fe4@mail.gmail.com> <8fa1023f0510130330q540b3f73x1347a615b71a1506@mail.gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N > Yes, but AccessManager is jackrabbit-dependent, no? i.e. is not part of t= he > spec. yes, that's true. the only part of access control that made it into jsr-170 or (jcr v1.0) is the introspection of the permissions. not the management of permissions. this is in-line with the exclusion of all the management interfaces (nodetypes, workspaces, ...) from v1.0 of jcr. see jsr-283 (v2.0 of jcr) for further development on that, but for now you = will have to resort to proprietary mechanisms of the repository. however, the access control "management" portion normally does not make for a lot of source code in most applications that i am familiar with,... in addition to that a number of repository implementation are based on jackrabbit and therefore expose the same or similar interfaces as jackrabbit, so using the jackrabbit interfaces may be a good choice in the first place. regards, david