I wrote the PluggableDefaultAccessManager some time ago, but I never intended it to be used as default:
2009/7/1 <[email protected]>: > - <AccessManager > class="org.apache.jackrabbit.core.security.DefaultAccessManager"> > + <AccessManager > class="org.apache.sling.jcr.jackrabbit.server.impl.security.PluggableDefaultAccessManager"> This also explains the excess logging reported in SLING-1047 [1]. The motivation for PluggableDefaultAccessManager was to be able to plugin a custom AccessManager. PluggableDefaultAccessManager does not find a registered AccessManager, it will log a warning (since, in effect, there's no access control). Is there a strong wish to have PluggableDefaultAccessManager set as default - if so, the logging should be reduced. If not, we should revert repository.xml back to using DefaultAccessManager as default. [1] https://issues.apache.org/jira/browse/SLING-1047 -- Vidar S. Ramdal <[email protected]> - http://www.idium.no Akersgata 16, N-0158 Oslo, Norway +47 21 531941, ext 2070
