Return-Path: Delivered-To: apmail-jackrabbit-users-archive@locus.apache.org Received: (qmail 7943 invoked from network); 18 Sep 2006 17:03:49 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 18 Sep 2006 17:03:49 -0000 Received: (qmail 93673 invoked by uid 500); 18 Sep 2006 17:03:49 -0000 Delivered-To: apmail-jackrabbit-users-archive@jackrabbit.apache.org Received: (qmail 93665 invoked by uid 500); 18 Sep 2006 17:03:49 -0000 Mailing-List: contact users-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@jackrabbit.apache.org Delivered-To: mailing list users@jackrabbit.apache.org Received: (qmail 93656 invoked by uid 99); 18 Sep 2006 17:03:48 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 18 Sep 2006 10:03:48 -0700 X-ASF-Spam-Status: No, hits=1.1 required=10.0 tests=DNS_FROM_RFC_ABUSE,HTML_00_10,HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of michael.neale@gmail.com designates 66.249.82.233 as permitted sender) Received: from [66.249.82.233] (HELO wx-out-0506.google.com) (66.249.82.233) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 18 Sep 2006 10:03:48 -0700 Received: by wx-out-0506.google.com with SMTP id t13so4180843wxc for ; Mon, 18 Sep 2006 10:03:27 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=N473brQ3DXntZJCL1LYnjbMeZYwr2FUmzn6yij9d7LEgZTSAjHAM1Ro+wLZe7yhvRB1kOCMilRsZ4uMT7g0CeOKCRnrjmkk5duYAtXdweKNcWL8l0u+3bhayjwUunyO+AeDyuym7ZRmBjSoy1UkopJ8r1ClXwN4+ipmyTWbyUzU= Received: by 10.90.52.18 with SMTP id z18mr2215740agz; Mon, 18 Sep 2006 10:03:26 -0700 (PDT) Received: by 10.90.98.10 with HTTP; Mon, 18 Sep 2006 10:03:26 -0700 (PDT) Message-ID: <96ab3ced0609181003h42bb80afmfcd56d4e16a354ac@mail.gmail.com> Date: Mon, 18 Sep 2006 18:03:26 +0100 From: "Michael Neale" To: users@jackrabbit.apache.org Subject: Custom AccessManager MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_54998_14061639.1158599006364" X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N ------=_Part_54998_14061639.1158599006364 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline I have started to look into the AccessManager, and doing a custom implementation for my needs for ACLs for certain node types. I know SimpleAccessManager is of course simple, but can anyone give me advice/pointers on how best to implement one - basically I want to (optionally) restrict node access to users only in certain group memberships - but this is determined per node (so each node has an access control list of sorts?). Anyone done something similar or heard of something similar they can point me to? >From trying out the AccessManager, basically I get thrown a UUID for a node (possibly a node - may even be a property?) - so in theory I could look up a (cached) ACL list for that node, compare it with the current subject? Michael. PS. how much am I wasting my time given that JCR2 may address some of this? ------=_Part_54998_14061639.1158599006364--