On Tue, Nov 22, 2011 at 2:43 PM, Vidar Ramdal <[email protected]> wrote: > 2011/11/22 Bertrand Delacretaz <[email protected]>: >> ...To keep things simple I'd suggest using a "shadow resource tree" in >> JCR if we need to define access control for ResourceResolvers which >> are not JCR: have the /SLING-ACL/resolvers/com.example.bar/foo >> repository node define ACL for resource /foo provided by provider >> com.example.bar, for example. > > Hmm, so you are thinking about delegating access control for all kind > of resources to JCR? Wouldn't that just duplicate resource trees from > (all) other resource providers into JCR, just for the sake of access > control?...
The shadow tree could use wildcards, if we want to go that way. -Bertrand
