On Wed, Mar 6, 2013 at 4:08 PM, Alexander Klimetschek <[email protected]> wrote: >... Sling is a web framework, about routing, servlet + script rendering etc. >Defining ACL security is not > it's business - this is the business of the resource backends...
Many modern stores do not provide any security, they're just "stupid" key-value or column stores. How about being able to promote Sling + HBase as a scalable web framework, for example? How about Sling as web layer for Solr? That would be very cool IMO, and if you want ACLs in such a setup you need to provide them yourself. That's where I'm in favor of extension points for ACLs - as long as those are disabled for the default JCR-based use case. -Bertrand
