hi jukka
that's what we had in jackrabbit core and it was a total mess.
we need some lower level implementation of all the security
related code for various reasons including validation. just
putting it on top of jcr didn't work and i will not make that
same mistake again...
kind regards
angela
On 11/27/12 4:37 PM, Jukka Zitting wrote:
Hi,
On Tue, Nov 27, 2012 at 5:11 PM, Angela Schreiber<anch...@adobe.com> wrote:
IMO that will not work for the case manfred is referring
to as it is operating on the oak-api and not on jcr api.
After thinking about this for some while, I actually wonder whether it
would be better for the authentication code to work completely on top
of the JCR API, with it's own separate sessions.
That would make the authentication code more similar to other standard
JAAS components that connect to existing databases, LDAP directories,
etc. for authentication information. As an extra benefit this would
also make it possible to reuse the users and groups stored in the
repository for authenticating also access to non-Oak/JCR resources.
BR,
Jukka Zitting
