Julian Reschke wrote: > > Some years ago we implemented WebDAV ACL on a content management system, > and that was able to return Access Control Information even if some if > the principals involved had become invalid. One way to do this is to > allow deleted principals to be exposed as working Java objects, and just > restricting the set of operations you can use on them. > > Does the proposed JSR-283 precludes an implementation like that? If yes, > we will have to discuss this.
Not as far as I can see, at least in "16 Access Control Management". What it does say is: "The privileges granted to a user can be controlled by assigning access control policies to nodes. The content and semantics of these policies are implementation specific and may be based on any mechanism, including access control lists or role/responsibility assignments. JCR does not expose the internals of policies, nor does it provide a mechanism for defining them." And later: "The discovery of java.security.Principals is outside the scope of this specification" So the fact that getPolicies() fails may even be ok with the spec (although still problematic, I'd say). But I don't think getApplicablePolicies() should be affected by any problems the current ACL of a node may have. I think the implementation should, at the very least, be able to ignore "dead" principals. My application at least doesn't care for privileges granted to unavailable principals, so whether they're returned as "unknown principal" instances or simply ommited doesn't matter to me. But I do think the principal manager's NoSuchPrincipalException should be caught and handled (at least: ignored) by the methods building the policies. Cheers, Marian. -- View this message in context: http://www.nabble.com/WebDAV-ACLs-referring-to-deleted-principals-tp24934748p24939481.html Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
