Is there a guide to using the ACL features in 1.5? I've started digging into
the extension points and it seems pretty straightforward, but I'm not clear on
the default behavior. I'm using JBoss with a custom JAAS LoginModule that
authenticates users against our corporate directory and fetches their roles. We
use this loginmodule for existing web and ejb applications so I know the
standard role-based security works. It looks like I can set the appropriate
JAAS name in the repository configuration and my roles will be available to
Jackrabbit. The part I'm fuzzy on is how to map roles to read/write permissions
at the node level. Any help is greatly appreciated...
