Jukka Zitting
Mon, 25 Jan 2010 06:02:56 -0800
Hi, On Mon, Jan 25, 2010 at 9:45 AM, <fmesc...@apache.org> wrote: > + Session loginAdministrative(String workspace) throws LoginException, > + NoSuchWorkspaceException, RepositoryException;
I quite dislike this method, as it essentially gives all clients the ability to access the repository as administrators. There's no way for the repository implementation to verify that the client is doing the right thing. I'd rather see such functionality exposed through normal credentials with some shared secret, or alternatively through the RepositoryManager interface for which we already solved the "administrator-only" access problem. BR, Jukka Zitting