jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sushil Vegad <vsus...@serebrum.com>
Subject Re: webdav-control nodes(folders) to display
Date Fri, 04 Apr 2008 18:12:29 GMT



>>the access control functionality should be enforced in 
>>the repository and not in the webdav-layer on top of 
>>the repository.
> 
> We have numerous DB tables that collectively define a users permissions
> (only one element of security information is defined in repository nodes).
> How can the entire DB ACL information be defined in the Repository?
> 
> In our web application, we read the ACL from the DB and enforce security
> when reading from or writing to the repository? How can this be done for
> webdav calls?
> 
> Thanks again for you input.
> Sushil
> 
> 


Angela Schreiber wrote:
> 
> 
>>> I was wrong in saying we have access control information defined in the
>>> JCR repository. The ACL information resides in DB; we are able to use
>>> ItemFilter's -> isFilteredNodeType(Item item) method to filter out nodes
>>> as per user
> 
> the access control functionality should be enforced in
> the repository and not in the webdav-layer on top of
> the repository.
> 
> please make sure, you have the access control funcitionality
> in the repository reading/evaluation the information
> from your DB.
> 
> what you try to do, looks like an ugly hack to me.
> 
> angela
> 
> 

-- 
View this message in context: http://www.nabble.com/webdav-control-nodes%28folders%29-to-display-tp16423305p16495046.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.


Mime
View raw message