WARNING: This server is unstable and will be retired in the next days.
If you want to keep this forum available, please request immediately a migration
on the Nabble Support forum.
Forums that don't receive any migration request will be deleted forever.
JEE container managed security does not cover instance based authorization,
and would not address which part(s) of a gallery a given entity can access.
> > permission checking should be left to the backend if
> > possible. I don't know what JCR offers for that at
> > the moment.
From the docs:
How do I manage the access rights of authenticated users?
The current JackrabbitSimpleAccessManager class only supports
three access levels: anonymous, normal, and system. Anonymous
users have read access while normal and system users have full
read-write access. You need to implement a custom AccessManager
class to get more fine-grained access control.