jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jukka Zitting <jukka.zitt...@gmail.com>
Subject Re: OAK-343 considered harmful?
Date Tue, 27 Nov 2012 15:37:37 GMT

On Tue, Nov 27, 2012 at 5:11 PM, Angela Schreiber <anchela@adobe.com> wrote:
> IMO that will not work for the case manfred is referring
> to as it is operating on the oak-api and not on jcr api.

After thinking about this for some while, I actually wonder whether it
would be better for the authentication code to work completely on top
of the JCR API, with it's own separate sessions.

That would make the authentication code more similar to other standard
JAAS components that connect to existing databases, LDAP directories,
etc. for authentication information. As an extra benefit this would
also make it possible to reuse the users and groups stored in the
repository for authenticating also access to non-Oak/JCR resources.


Jukka Zitting

View raw message