jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stephan lohwasser <stephan.lohwas...@systemone.at>
Subject Re: custom AccessManager: overwrite isGranted() or checkPermissions()
Date Thu, 16 Feb 2006 09:19:17 GMT

Torgeir Veimo schrieb:
> On Wed, 2006-02-15 at 15:55 +0100, stephan lohwasser wrote:
>   
>> i am currently working on an own AccessManager-implementaion based on 
>> acls. (first of all: is there any prior art, or are examples
>> availible?)
>>     
>
> Are you storing your ACLs as node properties?
>   
acls are stored as subnodes of a page with other subnodes for the acutal 
acl entries, which have the properties owner, isNegative and permissions.
the problems arising are the overhaed (performance) and complications of 
asking the repoisitory each time i ask for a permission.
what i do is: during system startup the acls are read and put into 
java.security.acl datastructures, which are then queried by the access 
manager. also, the acl structure observes the repository and each time 
an access right is changed for an item the ram structure is synchronized 
with the repository data.

does this make sense?

thanks a lot.
stephan



Mime
View raw message