jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paco Avila <pav...@git.es>
Subject Re: Access Management - Unix-Style
Date Tue, 04 Sep 2007 06:16:32 GMT
El lun, 03-09-2007 a las 17:55 +0200, Daniel BrŸuen escribió:
> Thanks, Paco!
> 
> Paco Avila wrote:
> > In our application (OpenKM) we store authorization info in the same
> > node. Each node with auth should have this mixing:
> > 
> > [mix:accessControlled] mixin
> > - okm:authUsersRead (string) multiple mandatory 
> > - okm:authUsersWrite (string) multiple mandatory 
> > - okm:authRolesRead (string) multiple mandatory 
> > - okm:authRolesWrite (string) multiple mandatory 
> > 
> > An when the AccessManager is invoked, we use a SystemSession to get
> > these properties. SystemSession have access to the whole repository.
> 
> That looks straight forward. So I will have to open two different 
> sessions, one for authorization and one real user-session. Right now I 
> store the user-session in a property of a stateful EJB (is that a good 
> idea? I am not really sure about passivating/activating) and that would 
> need to be changed since I can not open two different sessions 
> simultaneously (or can I?).

User session is created in the user login process. My "system" session
is created once and used in the access manager to read this mixin
properties. You can open many sessions at the same time. Our application
is used my several users simultaneously.
-- 
Paco Avila <pavila@git.es>


Mime
View raw message