jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Edelson <jus...@justinedelson.com>
Subject Re: Setting up Access Control
Date Tue, 13 Sep 2011 12:16:17 GMT
You should not need to write your own implementations of any Jackrabbit or JCR interfaces to
set an ACL on a node.

Regards,
Justin

On Sep 13, 2011, at 7:38 AM, Francisco Carriedo Scher <fcarriedos@gmail.com> wrote:

> Hi there,
> 
> i have been diving in mailing list and source code of Jackrabbit and finally
> my impression is that just interfaces are defined respecting access control
> (lots of abstract classes to be extended with my own code, right?). I say
> that based on quotes from the mailing list as:
> 
> http://mail-archives.apache.org/mod_mbox/jackrabbit-users/201106.mbox/%3CBANLkTi=UKkoLaFOQ1ddOo+DVTHvFT3LOdQ@mail.gmail.com%3E
> http://mail-archives.apache.org/mod_mbox/jackrabbit-users/201106.mbox/%3C4DEF2AC2.9070205@adobe.com%3E
> 
> About the source code, when i extend the abstract classes related to
> access control (AbstractAccessControlManager, AbstractACLTemplate,
> ...) what really intrigates me is that i thought  that the ACLs remain
> stored within the repository binded somehow to the node they were
> created for (with setPolicy method). The point is, if i extend the
> classes mentioned (and thus write setPolicy source code), it is up to
> me where to store the ACL objects as long as i provide a method to get
> them when needed to perform access control operations? Isn't it? Would
> be valid ideas storing them inside Jackrabbit's as nodes, or within a
> database or...?
> 
> Thanks in advance for any hint about my wrongness or correctness!

Mime
View raw message