hi maxim, > Notably CRX, a commercial product of Day Software contains its own > (apparently nonstandard) implementations of permissions based on > ACLs. true, we are also considering to contribute a similar or the same acl mechanism not only for jackrabbit but as a possible example model for a future jcr mechanism. so any input would be highly appreciated. feel free to download crx and play with it.
> For the next generation of JCR (maybe JCR 2.0) I can only suggest to > consider adding an AccessManager interface similar to QueryManager > with a few built-in implementations. These could be > - simle superuser/anonymous, like currently in Jackrabbit > - UNIX filesystem, > - NTFS filesystem (ACLs based) > - Generic ACLs (similar to Day implementation) > So applications will be able to either choose form existing variant or > implement their own scheme. agreed, the reason why it was excluded from jcr 1.0 was simply to slim down the spec and be able to drive to consensus quicker. maybe we can shoot to include something like that in jcr 1.1 regards, david
