Francisco- What do you mean by 'ACLs don't work through WebDAV'? The repository enforces ACLs regardless of client type/protocol.
Justin On Apr 11, 2012, at 6:57 AM, Francisco Carriedo Scher <[email protected]> wrote: > Hi there, > > regarding security on Webdav accessed JR repositories i would like to hear > expertise opinions as access control is very permissive by default (and > ACLs don't work through Webdav). > > About authentication, what would be necessary in order to authenticate all > kinds of access?? (i.e.: opening a session with read / write permissions > through Java code and access through the web browser too). Would suffice > creating a custom access manager? I did it previously but i don't know if > this is the best practice... > > Any orientation (or expertise opinion) about the right way of providing > authentication and authorization on webdav accessed JR repositories will be > appreciated. > > Thanks in advance for your time!
