Alexander Klimetschek wrote: > Why do you want different access rights depending on the way the user > connects to the repository? That seems like the content model could be > improved.
I'm not sure how a different content model would change things - am I missing something obvious? My intention is just to restrict WebDAV from modifying certain properties; these are properties the user might have "permission" to modify, but because WebDAV doesn't allow validation it could be argued that modifications should only be allowed through an application-specific interface (eg HTTP/HTML with form validation). So not necessarily different access rights, just reduced functionality. > Sling offers a lot, and you always have the control over the details. > First of all, it supports the following formats over HTTP > out-of-the-box: WebDAV, JSON, Plain Text rendering (for reading). The > SlingPostServlet allows to manipulate the JCR via form posts. Finally > it is *very* easy to write your own REST interface - the built-in ones > are the default renderings if there are no others (custom) defined. > And since it works on resources (resource = node in the jcr), you can > easily model your URL space in JCR and put different renderes to > different resources (eg. /content/orders, /content/products). I guess this is life: I spent enough time studying JCR and Jackrabbit, I already had opinions and knowledge about the REST interface I wanted, and there didn't seem to be much material for people outside the project to understand Sling. So I dived-in with plain JAX-RS. It has been a good experience so far: JAX-RS annotations mean not too much code and Jersey supports JSP for view templates. Although maybe it could be better with Sling - I guess I'll find out when I have time to take another look at the project. Later Charlie
