jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tobias Bocanegra" <tobias.bocane...@day.com>
Subject Re: Acces control implementation
Date Sun, 28 May 2006 11:27:13 GMT
hi,
> Both will have an owner property, a list of subjects with reading rights and
> another list of subjects with writing rights.
wouldn't it make more sense to have a general list of rights? i mean,
there are more actions than just read and write (currently: read,
write, remove).

> Is it a right way to directly inherit from nt:folder or should i use another
> namespace ?
i would create a mix:accessControlled mixin nodetype that has to
neccesairy properties or childnodes. so you can add the mixin to
whatever node you want.
you still can define the nt:privilegedFile like this:

[nt:privilegedFile] > nt:file, mix:accessControlled

> While doing the first node type i realised that when a node is being
> imported to the repository in defaultHandler, the user's principals are
> not accessible, should i modify the inputContext interface and then the
> importContext interface to make the principals accessible at this point  ?

the checking is done in the access manager. take a look at the
SimpleAccessManager. it is initialized for every session that holds
the jaas subject. i would not add a special accesscontrol into the
default handler.

> I would like, if you are interested in my work, to commit these change to
> jackrabbit as soon as it is functional.
there are some discussions of how to add ACLs into JSR283 (jcr 2.0).
as soon we have some consensus of how this should be modeled, we will
start to implement it into jackrabbit. and of course any sound help is
welcome.

> I've seen that the RFC3253  as been implemented in the webdav server, so i
> can later add the real rights showing in the propfind.
as i said, it would be cool, if the webdav acl and the repository acl
work with the same mechanisms.

regards, toby
-- 
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---

Mime
View raw message