Re: [RT] Multi Tenancy

2014-08-13 Thread Carsten Ziegeler
On 12.08.2014 23:19, Alexander Klimetschek aklim...@adobe.com wrote: Carsten Ziegeler cziege...@apache.org wrote: Yes, right - now the replacement for loginAdministrative can prevent this if loginAdministrative is not working anymore (throws an exception). No! With JAAS Subject.doAs() you

Re: [RT] Multi Tenancy

2014-08-12 Thread Carsten Ziegeler
2014-08-12 1:47 GMT+02:00 Alexander Klimetschek aklim...@adobe.com: And then use the resource types in the content: /content/tenant1/site/@sling:resourceType = tenant1/components/foo I think this is not feasible in the general case. For example, imagine having ootb components with a

RE: [RT] Multi Tenancy

2014-08-12 Thread Stefan Seifert
-Original Message- From: Alexander Klimetschek [mailto:aklim...@adobe.com] Sent: Tuesday, August 12, 2014 1:47 AM To: dev@sling.apache.org Subject: Re: [RT] Multi Tenancy ... And here it becomes tricky. Because if you are allowed to write arbitrary code (e.g. in JSPs), you can get

RE: [RT] Multi Tenancy

2014-08-12 Thread Stefan Seifert
i created a first draft of a wiki page where i tried to collect the different views of and requirements for multitenancy of the recent discussions: https://cwiki.apache.org/confluence/x/So2uAg i coined new names for the two scenarios Virtual Hosting and Massive Multi Site we should decide

Re: [RT] Multi Tenancy

2014-08-12 Thread Dominik Süß
Hey Stefan, just to add my 2 cents on constraints for a tenant: * In both cases the tenant could be identified by one or more branches in the repo that can be linked to exactly one tenant. * In cases of Tenant Inheritance (as described in the Massive Multi Site Scenario) the returned Tenant would

Re: [RT] Multi Tenancy

2014-08-12 Thread Carsten Ziegeler
2014-08-12 10:36 GMT+02:00 Stefan Seifert sseif...@pro-vision.de: if the tenant-specific scripts are allowed to get an admin session, they cannot only access scripts of other tenants, but all their content as well, which is i suppose much more problematic than accessing the custom scripts.

Re: [RT] Multi Tenancy

2014-08-12 Thread Alexander Saar
Hi Stefan, thanks for putting this together. While I agree that the requirements are different for the 2 scenarios, I'd rather see the multi-site scenario as a subset of virtual hosting. Tenants in virtual hosting could be structured internally as a multi-site as well. I also think that in the

RE: [RT] Multi Tenancy

2014-08-12 Thread Stefan Seifert
-Original Message- From: Alexander Saar [mailto:alexander.s...@googlemail.com] Sent: Tuesday, August 12, 2014 8:34 PM To: dev@sling.apache.org Subject: Re: [RT] Multi Tenancy ... thanks for putting this together. While I agree that the requirements are different for the 2 scenarios, I'd

Re: [RT] Multi Tenancy

2014-08-12 Thread Alexander Klimetschek
Carsten Ziegeler cziege...@apache.org wrote: Yes, right - now the replacement for loginAdministrative can prevent this if loginAdministrative is not working anymore (throws an exception). No! With JAAS Subject.doAs() you can still login as admin [1]. Disabling loginAdministrative() is just

Re: [RT] Multi Tenancy

2014-08-12 Thread Alexander Klimetschek
Ack. As Dominique mentioned, there are cases where you want to share scripts between tenants. For example a partner hosting multiple customers with a set of common components/resource types. If you want to model that with a custom resource resolution, you will build the same system that's

[RT] Multi Tenancy

2014-08-11 Thread Carsten Ziegeler
Hi, we've seen a lot of different discussions over time wrt multi tenancy in this list. In addition, there is the age old proposal at [1] and the tenant module in [2] which supersedes parts of the proposal on the wiki. The current tenant module detects the tenant of a request either based on the

RE: [RT] Multi Tenancy

2014-08-11 Thread Stefan Seifert
closely related to a tenant concept. stefan -Original Message- From: Carsten Ziegeler [mailto:cziege...@apache.org] Sent: Monday, August 11, 2014 1:18 PM To: dev@sling.apache.org Subject: [RT] Multi Tenancy Hi, we've seen a lot of different discussions over time wrt multi tenancy

Re: [RT] Multi Tenancy

2014-08-11 Thread Bertrand Delacretaz
Hi, On Mon, Aug 11, 2014 at 3:13 PM, Stefan Seifert sseif...@pro-vision.de wrote: ...btw. we should perhaps first start to define what we mean with the term tenant. this much-used and overloaded term might be a source of confusion as well... Definitely - I suggest creating a page under

Re: [RT] Multi Tenancy

2014-08-11 Thread Bertrand Delacretaz
On Mon, Aug 11, 2014 at 3:29 PM, Bertrand Delacretaz bdelacre...@apache.org wrote: ...I suggest creating a page under https://cwiki.apache.org/confluence/display/SLING for multi-tenant use cases and definitions... There's already

Re: [RT] Multi Tenancy

2014-08-11 Thread Carsten Ziegeler
fit your site definition even for large sites. [1] http://en.wikipedia.org/wiki/Multitenancy Regards Carsten stefan -Original Message- From: Carsten Ziegeler [mailto:cziege...@apache.org] Sent: Monday, August 11, 2014 1:18 PM To: dev@sling.apache.org Subject: [RT] Multi Tenancy

Re: [RT] Multi Tenancy

2014-08-11 Thread Ruben Reusser
for us the goal would be to run multiple customers in one sling instance without the ability to touch the code/content of any other tenant. It would be nice if a) restricting users from one tenant to another would be simple b) allow a good search path override for each tenant c) split out the

RE: [RT] Multi Tenancy

2014-08-11 Thread Stefan Seifert
.html#none -Original Message- From: Bertrand Delacretaz [mailto:bdelacre...@apache.org] Sent: Monday, August 11, 2014 3:32 PM To: Bertrand Delacretaz Cc: dev Subject: Re: [RT] Multi Tenancy On Mon, Aug 11, 2014 at 3:29 PM, Bertrand Delacretaz bdelacre...@apache.org wrote: ...I suggest

Re: [RT] Multi Tenancy

2014-08-11 Thread Alexander Klimetschek
On 11.08.2014, at 06:13, Stefan Seifert sseif...@pro-vision.de wrote: btw. we should perhaps first start to define what we mean with the term tenant. this much-used and overloaded term might be a source of confusion as well. in my view a tenant is in its smallest form e.g. one site