jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: Jackrabbit Security
Date Wed, 03 Nov 2010 16:39:04 GMT
kazim_ssuet@yahoo.com wrote:
> We've been using IBM content manager and show links to documents in our
> application that user clicks to view/download documents. 
> The document url provided by IBM content manager has a security token as
> part of url that is valid for some predefined time and user can use that
> link only for that period of time. 
> Can this behavior be acheived using jackrabbit? and how? 

the default setup in jackrabbit doesn't yet allow for this kind
of access restrictions. however, the jackrabbit access control
api extensions (specially JackrabbitAccessControlList and -Entry)
were designed with such kind of restrictions in mind. in order
to implement this with jackrabbit you would have to provide
your custom access control implementation (or extension of the
default). specifically you would need to make sure that your
time constraints are enforced during access control evaluation.

hope that helps

View raw message