On 12.11.2012, at 10:55, Felix Meschberger <[email protected]> wrote: >> Considering that most requests to websites are "anonymous", I suggest >> that multi-tenancy support should only care about the resource being >> requested, not about the requesting user, This also guarantees >> consistent results for rendering. > > This (and the following) raise good questions. And we are not ready to answer > them (yet) and we are not even considering per-tenant applications (for above > stated reasons).
I'd agree with Julian. A tenant should be dependent on something clearly defined through the URL: e.g. the domain / Host header or a URL path, such as domain.com/tenant. So it's essentially request-dependent, not necessarily user or content dependent. Otherwise it would also overlap too much with ACLs. > * A ResourceResolver representing a user (just like JCR Session does) can be > adapted to a Tenant to which the user "belongs". Hmm, I am not sure if a user belongs to a (single) tenant. What if a user should be able to log into multiple tenants? For example, an agency with multiple customers (who are tenants) or just the admin users of the site provider. > * A Resource can be adapted to a Tenant under the assumption that the > respective Resource belongs to one of the Tenant's data areas in the > repository. What if there are shared resources? You probably need the resources from a request-specific resource resolver, which in turn handles the request-dependent tenant resolution, so you get the right tenant from the resource based on that, but not based on the resource's location. Cheers, Alex
