[ https://issues.apache.org/jira/browse/SLING-2698?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13593482#comment-13593482 ]
Mike Müller commented on SLING-2698: ------------------------------------ The use case of the minimal resource access gate is NOT a new security layer or a replacement of ACLs. Here some real world use cases where ResourceAccessGate implementation can make sense: * locking down a whole website for testing purposes (before going online) -> only logged in users should see the website (no matter what login they use) * giving access to a resource only from Monday to Friday from 8.00am to 5pm Such use cases do not interfere with JCR-ACLs at all. In addition it woul dbe much easier to implement such a rule if we have different ResourceProviders (maybe JCR and also a FileProvider). > Add a minimal resource access gate > ---------------------------------- > > Key: SLING-2698 > URL: https://issues.apache.org/jira/browse/SLING-2698 > Project: Sling > Issue Type: New Feature > Components: ResourceResolver > Reporter: Mike Müller > Assignee: Mike Müller > Fix For: Resource Resolver 1.1.0 > > Attachments: resource-resolver-wrapper.patch > > > Adding a minmal resource access gate as discussed in [1]. > First step is to define the API interface and a minimal implementation which > allows to define READ access (rest of CRUD can follow later) > [1] http://markmail.org/thread/4ctczoiy533tquyl -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira