[
https://issues.apache.org/jira/browse/OAK-6356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16064518#comment-16064518
]
angela commented on OAK-6356:
-----------------------------
[~stillalex], one thing that came to my mind today: it would be good if you
could also update the security documentation explaining this new feature with
the section that describes the composite-authorization-setup and explicitly
mention the new configuration option with the documentation of the
{{SecurityProviderRegistration}}.
That would be
- {{oak-doc/src/site/markdown/security/authorization/composite.md}}
- {{oak-doc/src/site/markdown/security/introduction.md}} => section
_Configuration_
> Allow CompositePermissionProvider to OR entries
> -----------------------------------------------
>
> Key: OAK-6356
> URL: https://issues.apache.org/jira/browse/OAK-6356
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core, security
> Reporter: Alex Deparvu
> Assignee: Alex Deparvu
> Fix For: 1.7.3
>
> Attachments: OAK-6356.patch, OAK-6356-v2.patch
>
>
> Currently the {{CompositePermissionProvider}} ANDs the entries and if any of
> those denies a check, all the chain will fail early. I'd like to extend this
> mechanism to 'OR' items if needed.
> A first application of this ORing could be the multiplexed permission store
> where the default store could deny a check but a mount could allow it, so it
> could be seen as valid.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
