[
https://issues.apache.org/jira/browse/JCR-2859?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12977716#action_12977716
]
Carsten Ziegeler commented on JCR-2859:
---------------------------------------
There is no API in JCR to get the lock token and I think storing it somewhere
accessible makes the token available to everyone not just the user who created
the lock.
Now I don't consider this a great danger - having a locked node which can never
be unlocked again, sounds more problematic too me.
But I guess this should be made configurable - default being the old behaviour
> Make open scoped locks recoverable
> ----------------------------------
>
> Key: JCR-2859
> URL: https://issues.apache.org/jira/browse/JCR-2859
> Project: Jackrabbit Content Repository
> Issue Type: New Feature
> Components: locks
> Affects Versions: 2.2.0
> Reporter: Carsten Ziegeler
>
> The lock tokens for open scoped locks are currently tied to the session which
> created the lock. If the session dies (for whatever reason) there is no way
> to recover the lock and unlock the node.
> There is a theoretical way of adding the lock token to another session, but
> in most cases the lock token is not available.
> Fortunately, the spec allows to relax this behaviour and I think it would
> make sense to allow all sessions from the same user to unlock the node - this
> is still in compliance with the spec but would make unlocked locked nodes
> possible in a programmatic way.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
