You should not need to write your own implementations of any Jackrabbit or JCR interfaces to set an ACL on a node.
Regards, Justin On Sep 13, 2011, at 7:38 AM, Francisco Carriedo Scher <[email protected]> wrote: > Hi there, > > i have been diving in mailing list and source code of Jackrabbit and finally > my impression is that just interfaces are defined respecting access control > (lots of abstract classes to be extended with my own code, right?). I say > that based on quotes from the mailing list as: > > http://mail-archives.apache.org/mod_mbox/jackrabbit-users/201106.mbox/%[email protected]%3E > http://mail-archives.apache.org/mod_mbox/jackrabbit-users/201106.mbox/%[email protected]%3E > > About the source code, when i extend the abstract classes related to > access control (AbstractAccessControlManager, AbstractACLTemplate, > ...) what really intrigates me is that i thought that the ACLs remain > stored within the repository binded somehow to the node they were > created for (with setPolicy method). The point is, if i extend the > classes mentioned (and thus write setPolicy source code), it is up to > me where to store the ACL objects as long as i provide a method to get > them when needed to perform access control operations? Isn't it? Would > be valid ideas storing them inside Jackrabbit's as nodes, or within a > database or...? > > Thanks in advance for any hint about my wrongness or correctness!
