Justin, Felix,
Thanks for your responses and please excuse that my terminology makes it a
little too clear that I'm coming from CQ ;-).

Justin's solution is actually very close to what I had in mind with the
"template based" solution. I will mull over this and create a ticket also
referencing Justin's solution.
 
Ben





On 01.07.13 11:48, "Justin Edelson" <jus...@justinedelson.com> wrote:

>Ben-
>Have you looked at the filter at
>http://svn.apache.org/repos/asf/sling/trunk/samples/urlfilter ? It sounds
>like your solution is roughly in line with this implementation.
>
>Justin
>
>
>On Mon, Jul 1, 2013 at 2:30 AM, Ben Zahler
><ben.zah...@inside-solutions.ch> wrote:
>
>>  Hi all,
>> I have done some work on selectors and security in CQ lately, and in the
>> process I've had an idea how to handle some of the issues in Sling.
>> From my point of view, this could well be integrated into Sling, but it
>> can also easily work as an addition, so I'd like to hear some feedback
>> from you.
>>
>>  The basic idea is to have the developer of a component/template define
>> the selectors allowed on the component. I've used a property
>> sling:allowedSelectors to do so.
>> In a servlet filter, we can then check for all the allowed selectors in
>> the application and verify if the request's selectors are valid.
>> Of course, there are quite a few open questions/points:
>>
>>    - should the allowed selectors be cached?
>>    - Servlets with sling.servlet.selectors property need to be included
>>    as well
>>    - Should the sling:allowedSelectors configuration be component or
>>    template based? Component based means the definition is where the
>>    selectors are actually implemented, template based provides more
>>    accurate means of checking whether request selectors are valid.
>>    - How can multisites be configured?
>>
>> Attached is a very basic implementation of the Servlet Filter. Be aware
>> that installing this into a CQ author instance will break some things as
>> the default CQ selectors are not supported.
>>
>>  So basically, my question to you is if you think this is an interesting
>> feature or if you consider this rather unnecessary. ;-)
>>
>>  Best regards
>>  Ben Zahler
>>
>>  Inside Solutions AG | Felsenstrasse 11 | 4450 Sissach | Switzerland
>> Phone: +41 61 551 00 40 | Direct: +41 61 551 00 43
>> http://www.inside-solutions.ch
>>
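
The check described in the thread (compare a request's selectors with those a component declares in sling:allowedSelectors), as an added example that is neither the attached filter nor the Sling urlfilter sample. It is plain Java without the Sling API; the resource types, content paths, the in-memory allowlist and the deny-by-default choice are assumptions.

```java
import java.util.*;

public class SelectorAllowlistCheck {

    // Constructed sample data: resource type -> selectors a component might declare
    // in the proposed sling:allowedSelectors property (names are hypothetical).
    static final Map<String, Set<String>> ALLOWED = Map.of(
        "myapp/components/page", Set.of("print", "mobile"),
        "myapp/components/teaser", Set.of());

    // Sling URL decomposition: after the resolved resource path, everything up to
    // the next '/' is ".selector1.selector2.extension"; the last token is the extension.
    // The resource path is assumed to have been resolved by the caller.
    static List<String> selectorsOf(String requestPath, String resourcePath) {
        if (!requestPath.startsWith(resourcePath)) {
            throw new IllegalArgumentException("resource path is not a prefix of the request path");
        }
        String rest = requestPath.substring(resourcePath.length());
        int slash = rest.indexOf('/');
        if (slash >= 0) rest = rest.substring(0, slash);   // drop the suffix
        if (!rest.startsWith(".")) return List.of();
        String[] tokens = rest.substring(1).split("\\.", -1);
        return Arrays.asList(tokens).subList(0, tokens.length - 1);
    }

    // Deny by default: every selector on the request must be declared for the
    // resource type. Treating a missing declaration as "none allowed" is an assumption.
    static boolean isAllowed(String resourceType, List<String> selectors) {
        Set<String> allowed = ALLOWED.getOrDefault(resourceType, Set.of());
        return allowed.containsAll(selectors);
    }

    public static void main(String[] args) {
        String type = "myapp/components/page";
        String resource = "/content/site/en";
        for (String url : List.of(                          // constructed request paths
                "/content/site/en.html",
                "/content/site/en.print.html",
                "/content/site/en.print.x1.html",
                "/content/site/en.unknown.json/suffix.html")) {
            List<String> sel = selectorsOf(url, resource);
            System.out.printf("%-45s selectors=%s -> %s%n", url, sel,
                isAllowed(type, sel) ? "pass" : "reject");
        }
    }
}
```

The first two paths pass; the last two are rejected because `x1` and `unknown` are not declared for the page component.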
