On Tue, Jul 6, 2010 at 23:06, Ian Boston <ianbos...@gmail.com> wrote: > Inline: > > Sent from my iPhone > > On 6 Jul 2010, at 17:37, Alexander Klimetschek <aklim...@day.com> wrote: > >> On Tue, Jul 6, 2010 at 17:35, Ian Boston <i...@tfd.co.uk> wrote: >>> >>> Yes, I am not explaining myself clearly. Sorry. >>> >>> /_user/aaa is jcr:read anon >>> ... >>> /_user/ieb is jcr:read anon >>> ... >>> /_user/zzz is jcr:read anon >>> >>> but when I do >>> users.getNodes(); I want to see a list size 0 not a list size n. >>> >>> Its the entire list that must be protected. >>> If I know the ID (aaa,ieb,zzz) I should be able to access it. >> >> Then you should login with the ID into the repository, ie. have them >> as users, because that's what they are. > > If i do that, how will i differentiate between anon users and the real user > who is granted wider access in their own subtree? > > Ie /_user/ieb/private is > denied jcr:read anon > granted jcr:all ieb > /_user/ieb/private has a child node subtree > > And > /_user/ieb is > granted jcr:read anon > granted jcr:all ieb > /_user/ieb has a child node subtree
You would not have an anonymous user here at all, as you'd enforce authentication for the /_user tree. Regards, Alex -- Alexander Klimetschek alexander.klimetsc...@day.com