[ https://issues.apache.org/jira/browse/OAK-6516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16112419#comment-16112419 ]
angela commented on OAK-6516: ----------------------------- [~chetanm], please note that your list only applies for typical Oak-out-of-the-box setup scenarios. For Adobe AEM the validators and commit hooks provided by {{oak-authorization-cug}} and {{oak-auth-external}} also need to be listed! >From the list above following hooks are provided by the different security >modules and may differ depending on the actual security setup of a given oak >repository: retrieved from {{SecurityConfiguration.getValidators}} are {code} - PermissionStoreValidatorProvider - PermissionValidatorProvider - AccessControlValidatorProvider - PrivilegeValidatorProvider - UserValidatorProvider - CacheValidatorProvider - TokenValidatorProvider and additionally - CugValidatorProvider - ExternalIdentityValidatorProvider {code} retrieved from {{SecurityConfiguration.getCommitHooks}} are: {code} - VersionablePathHook {code} and the following {{PostValidationHook}} {code} - PermissionHook - JcrAllCommitHook and additionally - NestedCugHook {code} > Consider reordering the index-update-hook to reside with other > post-commit-hooks > -------------------------------------------------------------------------------- > > Key: OAK-6516 > URL: https://issues.apache.org/jira/browse/OAK-6516 > Project: Jackrabbit Oak > Issue Type: Task > Components: core, indexing > Reporter: angela > > Currently the index-update hook is located together with other commit > validators and is followed by the security related validators that are > plugged to the final commit hook upon each call to {{Root.commit}} to allow > for proper pluggability of security modules. > Consequently a given commit may fail with some security related validation > only after the index updated has been proceeded already. > I would like to discuss the possibility to treat the index-update like a > post-commit-hook that is only executed after all validation has been > performed. In the security area this is achieved by collecting the validator > separately from the post-commit-hooks. > [~stillalex], [~tmueller], I would appreciate if we could discuss this topic > as well as possible implications/regressions that might be associated with it. -- This message was sent by Atlassian JIRA (v6.4.14#64029)