Hi Felix, On Fri, Nov 14, 2008 at 7:14 AM, Felix Meschberger <[EMAIL PROTECTED]>wrote:
> Hi Juanjo, > > Juanjo Vázquez schrieb: > >> The proposal also allows for much more > >> flexibility in building the Resource tree made of ResourceProviders > >> where each ResourceProvider itself may actually be provided by a > >> ResourceProviderFactory. > > > > > > Felix, this implementation would allow to have an only one security > > management for the whole virtual resources tree, really?. I understand > this > > is not possible until now. > > Ehrm, no, this is not intended. The goal is to allow ResourceProviders > to protect their resources by authenticating the access. > > Today, we authenticate against a single JCR ResourceProvider while all > other resource providers (servlets, bundles, filesystem) do not > authenticate at all. > > With the new ResourceProviderFactory and ResourceResolverFactory, > authenticating ResourceProviders may be implemented. > > Enforcement of access control will remain an implementation detail of > the actual ResourceProvider. > Ok, I see. Furthermore, IMHO an eventual single sign-on stuff should remain out of the Sling scope. Anyway, +1 for your ResourceResolverFactory proposal. BR, Juanjo.
