c: If you are OK on this, I will create a getExternalSession() class in RepositoryImpl. This session will be used for all external application (backup, access manager and so on). The external session will have the same rights as a SystemSession. It would allow us to isolate two different class of use (external applications with priviledged rights and internal use). Are you OK on this?
i'm not. giving away system sessions compromises integrity and security. either have your app use the internals of the repository, or do a proper login. regards, toby -- -----------------------------------------< [EMAIL PROTECTED] >--- Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel T +41 61 226 98 98, F +41 61 226 98 97 -----------------------------------------------< http://www.day.com >---
