Read-only session
-----------------
Key: JCR-2867
URL: https://issues.apache.org/jira/browse/JCR-2867
Project: Jackrabbit Content Repository
Issue Type: New Feature
Components: jackrabbit-core
Reporter: Jukka Zitting
It would be nice to have a way to declare that a given JCR session will only be
used for reading, regardless of the access rights of the logged in user. This
would be useful for example in web applications that want to enforce
constraints like allowing no writes during processing of GET requests.
This could be implemented for example as a per-session flag that could be set
through an extra parameter in the login() call, like this:
repository.login("workspace-name?readonly", credentials);
Alternatively a security manager could be connected with a ThreadLocal variable
set for example by a servlet filter based on the current request method.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
