hi, my questions: 1. using AccessManager for authorization in Jackrabbit means that JAAS classes are automatically involved (Subject, Principal), or I can use AccessManager also without involving JAAS classes?
2.if i want to realize authorization with an external mechanism without JAAS, which mechanism can I use? 3. on jsr170 1.0.1 at 6.9 Access Control it says: "...these permissions may be determined by the Credentials passed on login". I don't understand this. 4.which is the usage for Session.checkPermissions? it doesn't accept a user kind-of parameter, how can I determine which user should be checked for permissions?
