hi, Maybe I am approaching this the wrong way; but here's what I am trying to do:
My app will have 1-n workspaces. Requirement 1: Each workspace will have its own set of users. User's from one workspace cannot access other workspaces. Requirement 2: In some exceptional cases, users may access other workspace To highlight this with an example: say the workspaces are Legal, Marketing and Sales. They will have their own users and they cannot see each others stuff. Now a new workspace Cafeteria is added, that users from all other workspaces should be able to see [and perhaps write comments on the menu etc] that workspace. Since, Jackrabbit gives everyone read access to all workspaces, using the DefaultSecurityManager was not an option. I ended up using UserPerWorkspaceSecurityManager, which now allows me to fulfill requirement 1. However I am puzzling over how to get to requirement 2. I tried giving a user from workspace 1 access to workspace 2, but obviously it does not work, since users are per workspace. I tried using DefaultSecurityManager, but that then gives everyone access to all workspaces. So, is there a mechanism to fulfill the requirements or is it asking too much of jackrabbit ?? PS: Please don't ask me to use a single workspace. Due to requirements of total isolation, strong file system level security requirements and possible future migration of workspaces independently to other machines, our architects have decided on separate workspaces per community of users. I cannot change that requirement. -- View this message in context: http://jackrabbit.510166.n4.nabble.com/Multiple-workspaces-and-access-control-question-tp3445683p3445683.html Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
