jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thomas Mueller (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (JCR-3534) Add JackrabbitSession.getValueByContentId method
Date Tue, 19 Mar 2013 15:21:15 GMT

    [ https://issues.apache.org/jira/browse/JCR-3534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13606396#comment-13606396
] 

Thomas Mueller commented on JCR-3534:
-------------------------------------

Possible security measures: 

(a) The data store could have a repository wide secret "salt" that is used for all binaries.
For a shared data store, it would be the same salt for all repositories (otherwise it wouldn't
work). With the salt, it would not be possible for an attacker to check whether a certain
binary exists because he couldn't easily generate the content hash (unless he knows the secret
salt).

(b) Some kind of whitelist / blacklist of content ids. Only content ids in the whitelist /
not in the blacklist would be allowed.

(c) The content id could contain an additional token (randomly generated). That way, you could
have multiple content ids that point to the same binary, which could be whitelisted / blacklisted
individually.

All those features would add complexity of course. It's just possible solutions to address
security concerns. I'm not saying we should implement them.
                
> Add JackrabbitSession.getValueByContentId method
> ------------------------------------------------
>
>                 Key: JCR-3534
>                 URL: https://issues.apache.org/jira/browse/JCR-3534
>             Project: Jackrabbit Content Repository
>          Issue Type: New Feature
>          Components: jackrabbit-api, jackrabbit-core
>    Affects Versions: 2.6
>            Reporter: Felix Meschberger
>         Attachments: JCR-3534.patch
>
>
> we have a couple of use cases, where we would like to leverage the global data store
to prevent sending around and copying around large binary data unnecessarily: We have two
separate Jackrabbit instances configured to use the same DataStore (for the sake of this discussion
assume we have the problems of concurrent access and garbage collection under control). When
sending content from one instance to the other instance we don't want to send potentially
large binary data (e.g. video files) if not needed.
> The idea is for the sender to just send the content identity from JackrabbitValue.getContentIdentity().
The receiver would then check whether the such content already exists and would reuse if so:
> String ci = contentIdentity_from_sender;
> try {
>     Value v = session.getValueByContentIdentity(ci);
>     Property p = targetNode.setProperty(propName, v);
> } catch (ItemNotFoundException ie) {
>     // unknown or invalid content Identity
> } catch (RepositoryException re) {
>     // some other exception
> }
> Thus the proposed JackrabbitSession.getValueByContentIdentity(String) method would allow
for round tripping the JackrabbitValue.getContentIdentity() preventing superfluous binary
data copying and moving. 
> See also the dev@ thread http://jackrabbit.markmail.org/thread/gedk5jsrp6offkhi

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message