Hi Jukka, 2013/3/25 Jukka Zitting <[email protected]>: > Hi Lukas, > > On Mon, Mar 25, 2013 at 5:09 PM, Lukas Eder <[email protected]> wrote: >> Are there any such plans in OAK? > > Yes, but not exactly as you outline. > > Instead of having a special "secure realm" or other special modes that > allows things like JCR API calls without access restrictions, we've > built Oak using a set of layers with with different responsibilities > and limitations. The lowest ones of these levels, the NodeState model > [1] and the underlying MicroKernel, offer an unrestricted view on the > content stored in the repository. Access controls are currently built > into the next level that consists of the TreeImpl class and other > components that make up the Oak API [2]. > > Just recently we've been discussion about whether access control > checks should be pushed even further down the stack into the NodeState > level. See [3] for the relevant (and ongoing) thread.
The immediate feeling I have with this approach is the fact that low-level API access and access-control bypassing are two orthogonal things. The purpose of high-level APIs is not restricted to adding access-control. There are a lot of other useful features added, by abstracting what you called NodeState / MicroKernel. Let me put it bluntly. On a Unix system, sudo is so much more useful than going to the hard drive with a magnet and applying some Tesla magic, to bypass access control :-) > It would be great if you could take a look at those layers and the > recent discussion to see whether they address the issues you've > encountered with Jackrabbit's access control model. Yes, thank you for those links. I will read through them and probably join the other discussion, rather than spawning a new one here. Cheers Lukas
