jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Charles Brooking" <public+jackrab...@charlie.brooking.id.au>
Subject Re: Access control and node types with WebDAV
Date Wed, 14 Jan 2009 00:49:02 GMT
Hi Alex

> - I think ACLs that handle modification of properties is part of the
> JCR 2.0 standard (but could be wrong here)
> - if not, you should think about changing your content model - ACLs
> are a main driver for it (see rule 2 in [1])

JCR 1.0 includes the "set_property" permission, and I've implemented a
custom AccessManager so can control access to this level. The problem I
have with properties is that I want the user to have write permission when
connected through my web application, but more limited permissions when
connected through WebDAV. However, it is only possible to have a single
AccessManager configured per repository.

It's apparently possible to hide items in WebDAV by filtering on namespace
(eg "rep:") or node types, but I have not had success with this and it's
specified to only affect display and not access.

> - BTW, have you looked at Apache Sling [2]? It should reduce your
> effort to build a custom REST interface on top of JCR

I looked at Sling briefly, but I've found the REST side of things pretty
easy-going just using the Jersey JAX-RS implementation. It wasn't clear to
me what Sling's benefits were from examples on the website, and I have
complete control over the details by coding my own!


View raw message