[
https://issues.apache.org/jira/browse/SLING-2783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13598709#comment-13598709
]
Bertrand Delacretaz commented on SLING-2783:
--------------------------------------------
Do you have a concrete use case where shadowing JCR paths with other resource
providers is actually useful and not a mistake?
Having to evaluate all paths returned by JCR searches with access control from
various Sling providers will kill search performance, especially as AFAIK JCR
repositories optimize searches with caches and lazy loading.
Another option, to make sure the JCR repository doesn't find anything under a
patch that's shadowed by a resource provider, is to set an ACL that denies
access to everybody on that path (assuming that works for admin as well, not
sure about that).
> Search implementation does not respect resource providers
> ---------------------------------------------------------
>
> Key: SLING-2783
> URL: https://issues.apache.org/jira/browse/SLING-2783
> Project: Sling
> Issue Type: Bug
> Components: JCR
> Affects Versions: JCR Resource 2.2.4
> Reporter: Carsten Ziegeler
> Fix For: JCR Resource 2.2.6
>
>
> If a search is performed by the JCR Resource Provider the returned set is not
> checked whether these resources/nodes are accessible through the resource
> tree.
> For example a different resource provider might be mounted at /libs -
> therefore all results for this sub tree need to be discarded.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
