Oliver Lietz created SLING-6130:
-----------------------------------
Summary: Restrict access for principal everyone and move
configuration to repoinit
Key: SLING-6130
URL: https://issues.apache.org/jira/browse/SLING-6130
Project: Sling
Issue Type: Improvement
Components: JCR, Oak
Affects Versions: JCR Oak Server 1.1.0
Reporter: Oliver Lietz
Assignee: Oliver Lietz
Fix For: JCR Oak Server 1.1.2
Currently {{everyone}} can {{read}} from {{/}} (configured in
{{OakSlingRepositoryManager}}).
Access for {{everyone}} should be restricted:
* {{read}} should be restricted to {{/content}}
* configuration of principals and ACLs should be done with _repoinit_
# Change path from {{/}} to {{/content}} in {{OakSlingRepositoryManager}}
# Fix modules (samples) relying on _unrestricted_ {{read}} access
# Move configuration of ACLs to _repoinit_
discussion on
[dev@|https://lists.apache.org/thread.html/36908ed62ac93c63cad594a897f8abceb93f08da5bcea30dbce98e58@%3Cdev.sling.apache.org%3E]
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
