Hi, On Mon, Apr 22, 2013 at 2:14 PM, Angela Schreiber <[email protected]> wrote: > that's basically my proposal a) but i am not totally sure if that's > the best solution... in particular it will not work if someone > would deny read-access to a 'user' on the root node...
Wouldn't an ACL on the /jcr:system subtree override one on the root node? > in addition > i am not sure, if we really want to have full/regular ac-evaluation > for those trees... I don't see much harm in having them under normal access control. Did you have something specific in mind? On the contrary, avoiding a special case for this should help keep the relevant code simple. BR, Jukka Zitting
