hi in jackrabbit-core node types, namespaces and privileges were stored separated from the repository content in the file system. accessibility of that part of the repository was therefore never managed by the regular item access in jackrabbit.
now, as of oak all of them are stored and accessed in the repository and are consequently affected by regular item read access which basically breaks backwards compatibility. i see the following ways we could address this: a) setup full read access for the corresponding content trees in oak b) define separate default access control policies for those trees that are present irrespective of the ac policies defined in the content. sort of "post-evaluation" rule that always takes effect. not doing anything and leaving setup of these access rights to the users doesn't see to be the wright solution to me. see also https://issues.apache.org/jira/browse/OAK-787 kind regards angela
