On Tue, Jul 2, 2013 at 2:38 PM, Dominik Süß <dominik.su...@gmail.com> wrote:
> Facing some questions about how to prevent the SlingPostServlet to be able
> to perform a change I had a closer look at the current implementation and
> it looks like there is currently no "secure" way of doing that besides
> locking the target on persistence level (alias setting ACLs)...

...which looks to me like the right way of locking things.

But maybe for the post servlet we need a parallel structure to define
who's allowed to do what. You could for example have

  /user-rights/sling/post-servlet/post/content/foo

and whoever's allowed to read that is allowed to post to /content/foo,
barring other ACL limitations.

Just thinking out loud mostly...my point is that any security-related
stuff should be driven by ACLs, and in some cases "indirect" ACLs can
be useful.

-Bertrand
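
The "indirect ACL" lookup described in the message above, sketched as an added example; it is not code from the thread or from Sling. The class and method names are hypothetical, the rights-tree root is the path given in the message, and only the standard JCR call Session.nodeExists() is assumed.

```java
import javax.jcr.RepositoryException;
import javax.jcr.Session;

/** Hypothetical helper: decides whether a session may POST to a path via an "indirect" ACL. */
public final class IndirectPostAcl {

    // Root of the parallel rights tree, taken from the path in the message above.
    static final String RIGHTS_ROOT = "/user-rights/sling/post-servlet/post";

    private IndirectPostAcl() {}

    /** Maps /content/foo to /user-rights/sling/post-servlet/post/content/foo. */
    static String rightsPathFor(String targetPath) {
        if (targetPath == null || !targetPath.startsWith("/") || targetPath.length() == 1) {
            throw new IllegalArgumentException("absolute, non-root path required");
        }
        for (String segment : targetPath.substring(1).split("/", -1)) {
            // Reject empty, "." and ".." segments so the lookup cannot leave the rights tree.
            if (segment.isEmpty() || segment.equals(".") || segment.equals("..")) {
                throw new IllegalArgumentException("path is not normalized: " + targetPath);
            }
        }
        return RIGHTS_ROOT + targetPath;
    }

    /**
     * Session.nodeExists() returns true only if the node exists and the session
     * can read it, so a missing marker node and an unreadable one both deny the POST.
     */
    public static boolean mayPost(Session session, String targetPath) throws RepositoryException {
        try {
            return session.nodeExists(rightsPathFor(targetPath));
        } catch (IllegalArgumentException e) {
            return false; // fail closed on malformed paths
        }
    }
}
```

The check only gates entry to the POST handling; the regular ACLs on the target node still apply when the change is persisted, which is the "barring other ACL limitations" part.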