[
https://issues.apache.org/jira/browse/SLING-2698?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13593482#comment-13593482
]
Mike Müller commented on SLING-2698:
------------------------------------
The use case of the minimal resource access gate is NOT a new security layer or
a replacement of ACLs. Here some real world use cases where ResourceAccessGate
implementation can make sense:
* locking down a whole website for testing purposes (before going online) ->
only logged in users should see the website (no matter what login they use)
* giving access to a resource only from Monday to Friday from 8.00am to 5pm
Such use cases do not interfere with JCR-ACLs at all. In addition it woul dbe
much easier to implement such a rule if we have different ResourceProviders
(maybe JCR and also a FileProvider).
> Add a minimal resource access gate
> ----------------------------------
>
> Key: SLING-2698
> URL: https://issues.apache.org/jira/browse/SLING-2698
> Project: Sling
> Issue Type: New Feature
> Components: ResourceResolver
> Reporter: Mike Müller
> Assignee: Mike Müller
> Fix For: Resource Resolver 1.1.0
>
> Attachments: resource-resolver-wrapper.patch
>
>
> Adding a minmal resource access gate as discussed in [1].
> First step is to define the API interface and a minimal implementation which
> allows to define READ access (rest of CRUD can follow later)
> [1] http://markmail.org/thread/4ctczoiy533tquyl
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
