Hi, I've just started with Jackrabbit and currently trying to get some security going. I'm trying to implement my own AccessManager. I took SimpleAccessManager as a base and following the @todo comments. I'm also going to implement (or hopefully find) a JAAS LoginModule to work with LDAP. The way I was planning to check access to certain Node types is store a set of groups (that have access to that Node) as properties in those nodes and then compare those sets with the set of Principals (of Group class).
First of all: does this approach make sense? Is there another/better approach or built in support for basic role/group based access management? Any examples, tutorials? Is it possible to get access to current Session from within AccessManager? Because I need it in order to get the list of groups from the current Node... Thanks for any help or comments. Pavel
