jackrabbit-users mailing list archives

From "Doug Douglass" <douglass.d...@gmail.com>
Subject Re: CAS in jackrabbit
Date Tue, 28 Oct 2008 17:02:40 GMT
On Mon, Oct 27, 2008 at 9:08 PM, iapilgrim <iapilgrim@gmail.com> wrote:

>
> Hi Doug,
> I am about to add PERMISSIONs/RIGHTs to my app. I intend to use Spring
> Security. I don't know how to use it right now. I have some questions
> + What are the reasons that make you not use Spring Security but implement
> one of your own?
> + I don't understand your solution but it seems to be restricted by the
> limited set of actual ACLs. My app is very big, so which strategy to
> implement
> an PERMISSIONs/RIGHTs
> My security module is complex. It is used for CMS application.
> Regards,
> Van
>
>
Van,

??? we _did_ use Spring Security, though it was called ACEGI at the time. We
chose not to use the JCR AccessManager for the very reason vlad questioned --
we needed to derive the ACL for a repository object from the properties of
the object and AccessManager, in and of itself, did not provide a means
(i.e., session) to retrieve the repository object. Though we could have
injected a session into the AccessManager for this, querying twice for the
same object "smells" a bit, even if Jackrabbit's caching mitigates most
performance issues.

Yes, the app I'm speaking of had a small set of ACLs (tens), and a
relatively small set of objects (tens of thousands), and using AOP for object
authorization had other advantages for the project, so I'm not suggesting it
is THE answer, only an alternative.

Regards,
Doug
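
The approach described in the message above (fetch the object once, derive its ACL from its own properties, and authorize in an interceptor around the service call) can be sketched as follows. This is an added example, not code from the original post or from Doug's project; it uses a plain JDK dynamic proxy in place of Spring AOP/Acegi, and `Doc`, `DocService`, the `confidential`/`department` properties and the role names are hypothetical.

```java
import java.lang.reflect.*;
import java.util.*;

public class AfterInvocationAclDemo {
    // Hypothetical stand-in for a repository object: a path plus its properties.
    record Doc(String path, Map<String, String> props) {}

    interface DocService { Doc load(String path); }

    // Constructed sample data standing in for a JCR session lookup.
    static final Map<String, Doc> REPO = Map.of(
        "/hr/salaries", new Doc("/hr/salaries", Map.of("department", "hr", "confidential", "true")),
        "/pub/news", new Doc("/pub/news", Map.of("department", "web", "confidential", "false")));

    // The ACL is derived from the object's own properties (assumed rule set).
    static Set<String> rolesAllowedToRead(Doc d) {
        if ("true".equals(d.props().get("confidential")))
            return Set.of(d.props().get("department") + "-staff");
        return Set.of("everyone");
    }

    // Wraps the service so each returned Doc is authorized after the single fetch,
    // instead of an access manager looking the same object up a second time.
    static DocService secured(DocService target, Set<String> callerRoles) {
        InvocationHandler h = (proxy, method, args) -> {
            Object result;
            try { result = method.invoke(target, args); }
            catch (InvocationTargetException e) { throw e.getCause(); }
            // Deny by throwing before the object ever reaches the caller.
            if (result instanceof Doc d && Collections.disjoint(rolesAllowedToRead(d), callerRoles))
                throw new SecurityException("read denied: " + d.path());
            return result;
        };
        return (DocService) Proxy.newProxyInstance(
            DocService.class.getClassLoader(), new Class<?>[] {DocService.class}, h);
    }

    public static void main(String[] a) {
        DocService raw = REPO::get;
        DocService web = secured(raw, Set.of("everyone", "web-staff"));
        System.out.println(web.load("/pub/news").path());
        try { web.load("/hr/salaries"); }
        catch (SecurityException e) { System.out.println(e.getMessage()); }
        System.out.println(secured(raw, Set.of("hr-staff")).load("/hr/salaries").path());
    }
}
```

Because the check runs after the load, every code path that returns repository objects has to go through the secured proxy; a caller holding the raw service bypasses it.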
