jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tobias Bocanegra" <tobias.bocane...@day.com>
Subject Re: [jira] Commented: (JCR-442) Implement a backup tool
Date Thu, 27 Jul 2006 11:22:13 GMT
> c: If you are OK on this, I will create a getExternalSession() class in
> RepositoryImpl. This session will be used for all external application
> (backup, access manager and so on). The external session will have the same
> rights as a SystemSession. It would allow us to isolate two different class
> of use  (external applications with priviledged rights and internal use).
> Are you OK on this?

i'm not. giving away system sessions compromises integrity and
security. either have your app use the internals of the repository, or
do a proper login.

regards, toby
-- 
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---

Mime
View raw message