jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Charles Brooking" <public+jackrab...@charlie.brooking.id.au>
Subject Access control and node types with WebDAV
Date Tue, 13 Jan 2009 03:45:13 GMT
Hi all,

I'm currently developing an application that provides two front-ends:

 * a WebDAV servlet (provided by Jackrabbit), and
 * an application-specific REST (HTML, XML) interface.

I'd be interested in hearing what the consensus is regarding access
control and node typing in this context. The problem - as I see it - is
that an application-specific interface can provide a layer between the
user and the repository, thus preventing bad data being entered, but
WebDAV potentially allows users to enter anything.

If you use nt:unstructured (or subtypes of nt:folder etc) then there could
potentially be errant nodes everywhere. I have found node types to be
effective in preventing WebDAV users from uploading files in places they
shouldn't. This works in a very crude way, returning a "500 Internal
Server Error" response, but stops them at least. Is this the intended
approach?

(In my application, there are strongly-typed "project" nodes at the top
level, and then only beneath this are subtrees where a user can freely
manage files and folders. Only these subtrees are intended to be modified
using WebDAV - the rest should be done through the custom web service.)

The other interesting point is access control. I've written a custom
AccessManager class and have found this useful both for WebDAV and my own
servlets: in my servlets, I access the repository through a user-specific
Jackrabbit session based on credentials provided through HTTP Auth and
thus access control is handled at the repository level instead of the web
application level (a very nice benefit of using a JCR, IMO). But it poses
a minor problem with WebDAV. Although a user has write access to their
projects - subject to node type constraints - it would be desirable to
prevent them modifying certain properties. You can only have one
AccessManager per repository instance, however.

Do people just accept this limitation? Or do people write an AccessManager
with WebDAV in mind and use a "system session" with additional access
filters defined at the web application level? Or are there even further
approaches like using/abusing workspaces that work better? There isn't a
lot of reference material out there at this point in time...

Look forward to hearing other's thoughts!

Thanks
Charlie


Mime
View raw message