Hi, On Mon, Jan 25, 2010 at 9:45 AM, <[email protected]> wrote: > + Session loginAdministrative(String workspace) throws LoginException, > + NoSuchWorkspaceException, RepositoryException;
I quite dislike this method, as it essentially gives all clients the ability to access the repository as administrators. There's no way for the repository implementation to verify that the client is doing the right thing. I'd rather see such functionality exposed through normal credentials with some shared secret, or alternatively through the RepositoryManager interface for which we already solved the "administrator-only" access problem. BR, Jukka Zitting
