Uploaded image for project: 'ModeShape'
  1. ModeShape
  2. MODE-2008

Configure REST service to be read-only for all repositories

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Won't Do
    • Blocker
    • 3.5.0.Final, 3.3.x-prod-ip6.0
    • 3.4.0.Final
    • Server
    • None

    Description

      The REST service typically uses servlet authentication to establish a JCR Session to handle the request. However, it is sometimes desirable that the entire REST service be configured to be read-only for all operations against all repositories, despite what authentication/authorization specify.

      Doing so is useful in systems where application(s) are the primary way to access and update the repository content, and ModeShape's REST API is still needed (e.g., for query via JDBC driver). Locking down the REST API to be read-only prevents clients from updating the repository content directly without going through the application(s).

      Attachments

        Activity

          People

            hchiorean Horia Chiorean (Inactive)
            rhauch Randall Hauch (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: