Hi all,

I'm currently developing an application that provides two front-ends:

* a WebDAV servlet (provided by Jackrabbit), and
* an application-specific REST (HTML, XML) interface.

I'd be interested in hearing what the consensus is regarding access control and node typing in this context.

The problem - as I see it - is that an application-specific interface can provide a layer between the user and the repository, thus preventing bad data being entered, but WebDAV potentially allows users to enter anything. If you use nt:unstructured (or subtypes of nt:folder etc) then there could potentially be errant nodes everywhere.

I have found node types to be effective in preventing WebDAV users from uploading files in places they shouldn't. This works in a very crude way, returning a "500 Internal Server Error" response, but stops them at least. Is this the intended approach? (In my application, there are strongly-typed "project" nodes at the top level, and then only beneath this are subtrees where a user can freely manage files and folders. Only these subtrees are intended to be modified using WebDAV - the rest should be done through the custom web service.)

The other interesting point is access control. I've written a custom AccessManager class and have found this useful both for WebDAV and my own servlets: in my servlets, I access the repository through a user-specific Jackrabbit session based on credentials provided through HTTP Auth and thus access control is handled at the repository level instead of the web application level (a very nice benefit of using a JCR, IMO).

But it poses a minor problem with WebDAV. Although a user has write access to their projects - subject to node type constraints - it would be desirable to prevent them modifying certain properties. You can only have one AccessManager per repository instance, however. Do people just accept this limitation? Or do people write an AccessManager with WebDAV in mind and use a "system session" with additional access filters defined at the web application level?

Or are there even further approaches like using/abusing workspaces that work better?

There isn't a lot of reference material out there at this point in time...

Look forward to hearing others' thoughts!

Thanks
Charlie
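
The layout described in the post (strongly-typed project nodes at the top level, with a free-form file subtree beneath each) could be expressed in Jackrabbit's CND notation roughly as follows. This is an added example, not part of the original post; the `app` namespace, its URI and every `app:*` name are assumptions made for illustration.

```cnd
// Constructed namespace (assumption, not from the post).
<app = 'http://example.org/app/1.0'>

// Container for all projects. The only child definition is a residual
// one requiring app:project, so an nt:folder or nt:file created directly
// beneath it (for example by a WebDAV MKCOL or PUT) violates the type.
[app:projects] > nt:base
  + * (app:project) = app:project

// A project node: fixed, typed properties and exactly one named child.
// There is no residual child definition, so nothing else can be added
// at this level, whichever front-end attempts it.
[app:project] > nt:base
  - app:title (string) mandatory
  - app:owner (string) mandatory
  // The one subtree meant for WebDAV. nt:folder accepts nt:hierarchyNode
  // children, i.e. further nt:folder and nt:file nodes.
  + files (nt:folder) = nt:folder mandatory autocreated
```

Beneath an `app:projects` node, these definitions admit folders and files only inside a project's `files` subtree. Node types constrain what may exist at a path, not which user may change an existing property, so the property-level question raised in the post remains an access-control matter.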
