jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boni Gopalan \(BioImagene\)" <Bon...@bioimagene.com>
Subject RE: Node level access rights
Date Thu, 14 Aug 2008 08:11:08 GMT
I am using the JR current trunk.  Reinventing yet another wheel when
smarter people are contributing wisely is hardly my approach.  I will
check out the trunk implementation.  Thank you very much!

-----Original Message-----
From: Torgeir Veimo [mailto:torgeir@pobox.com] 
Sent: 14 August 2008 13:18
To: users@jackrabbit.apache.org
Subject: Re: Node level access rights

On 14 Aug 2008, at 17:38, Boni Gopalan (BioImagene) wrote:

> What is the best approach to define access rights and to control  
> access
> at Node Level?


1. wait for a jackrabbit release with the new JSR 283 access control  
API (JR 1.5), or
2. implement your own;

- create acl mixin node types (subclass mix:referenceable) that can be  
attached to any node type
- at startup query for all such node types, put them in a hashmap  
cache keyed on their uuid
- implement a listener that listens to any change to nodes that have  
this node type which updates said cache
- implement an access controll handler that checks operations on  
nodes, whenever a change is being done to a node which has the node  
type above, check if the operation in question is allowed, by fetching  
the node from cache.

3. use JR current trunk. The access control api implementation was  
committed in revision 638834.

Torgeir Veimo

View raw message