jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Br┬čuen <dbr...@saltation.de>
Subject Re: Access Management - Unix-Style
Date Mon, 03 Sep 2007 15:55:25 GMT
Thanks, Paco!

Paco Avila wrote:
> In our application (OpenKM) we store authorization info in the same
> node. Each node with auth should have this mixing:
> [mix:accessControlled] mixin
> - okm:authUsersRead (string) multiple mandatory 
> - okm:authUsersWrite (string) multiple mandatory 
> - okm:authRolesRead (string) multiple mandatory 
> - okm:authRolesWrite (string) multiple mandatory 
> An when the AccessManager is invoked, we use a SystemSession to get
> these properties. SystemSession have access to the whole repository.

That looks straight forward. So I will have to open two different 
sessions, one for authorization and one real user-session. Right now I 
store the user-session in a property of a stateful EJB (is that a good 
idea? I am not really sure about passivating/activating) and that would 
need to be changed since I can not open two different sessions 
simultaneously (or can I?).


View raw message