jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: OAK-343 considered harmful?
Date Tue, 27 Nov 2012 16:13:45 GMT
hi jukka

that's what we had in jackrabbit core and it was a total mess.

we need some lower level implementation of all the security
related code for various reasons including validation. just
putting it on top of jcr didn't work and i will not make that
same mistake again...

kind regards
angela


On 11/27/12 4:37 PM, Jukka Zitting wrote:
> Hi,
>
> On Tue, Nov 27, 2012 at 5:11 PM, Angela Schreiber<anchela@adobe.com>  wrote:
>> IMO that will not work for the case manfred is referring
>> to as it is operating on the oak-api and not on jcr api.
>
> After thinking about this for some while, I actually wonder whether it
> would be better for the authentication code to work completely on top
> of the JCR API, with it's own separate sessions.
>
> That would make the authentication code more similar to other standard
> JAAS components that connect to existing databases, LDAP directories,
> etc. for authentication information. As an extra benefit this would
> also make it possible to reuse the users and groups stored in the
> repository for authenticating also access to non-Oak/JCR resources.
>
> BR,
>
> Jukka Zitting

Mime
View raw message