On 14 Aug 2008, at 17:38, Boni Gopalan (BioImagene) wrote:
What is the best approach to define access rights and to control
access
at Node Level?
Options;
1. wait for a jackrabbit release with the new JSR 283 access control
API (JR 1.5), or
2. implement your own;
- create acl mixin node types (subclass mix:referenceable) that can be
attached to any node type
- at startup query for all such node types, put them in a hashmap
cache keyed on their uuid
- implement a listener that listens to any change to nodes that have
this node type which updates said cache
- implement an access controll handler that checks operations on
nodes, whenever a change is being done to a node which has the node
type above, check if the operation in question is allowed, by fetching
the node from cache.
3. use JR current trunk. The access control api implementation was
committed in revision 638834.
--
Torgeir Veimo
[EMAIL PROTECTED]
