Hello Sling Users,

When I launch Sling, there is an ACL for jcr:read for the everyone 'principal' on jcr:root, as described in the repoinit.txt
http://archive.apache.org/dist/sling/org.apache.sling.launchpad-9.jar

I have found these resources:
http://apache-sling.73963.n3.nabble.com/Principal-quot-everyone-quot-is-not-clear-td4078544.html
https://jackrabbit.apache.org/oak/docs/security/user/membership.html

But I still have questions:
* Why is everyone by default granted jcr:read access to the whole repository?
* If you wanted to control access, isn't it better to whitelist (i.e. grant) instead of deny?
* If the everyone ACL jcr:read rule was deleted from root, what problems should be expected?

Many thanks!

Cris Rockwell
Applications Architect Sr
College of Literature, Science, and the Arts | University of Michigan
LSA Technology Services | 6503 Haven Hall | 505 S. State Street | Ann Arbor, MI I 48109
Desk: 734.763.6818 | Email: cmroc...@umich.edu