You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by "angela (Commented) (JIRA)" <ji...@apache.org> on 2012/01/03 16:14:39 UTC

[jira] [Commented] (JCR-2859) Make open scoped locks recoverable

    [ https://issues.apache.org/jira/browse/JCR-2859?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13178768#comment-13178768 ] 

angela commented on JCR-2859:
-----------------------------

imo loosing a lock token should be considered a mistake with the API consumer rather than something that
occurs on a regular basis. while i am fine with providing a fallback in case the token is indeed lost, i am
therefore not convinced that having a group that is allowed to see all lock tokens in the repository would be
a wise move. apart from the fact that i consider this an edge case that should not be used on a regular
basis, being member of a given group will not guarantee that a given user is allowed to lock/unlock a
given node but only expose the lock token (in contrast to the admin).

thus, i'm in favor of the latest patch by julian. however, -1 for allow breaking locks based on group membership.

                
> Make open scoped locks recoverable
> ----------------------------------
>
>                 Key: JCR-2859
>                 URL: https://issues.apache.org/jira/browse/JCR-2859
>             Project: Jackrabbit Content Repository
>          Issue Type: New Feature
>          Components: locks
>    Affects Versions: 2.2
>            Reporter: Carsten Ziegeler
>            Assignee: Julian Reschke
>         Attachments: JCR-2859.diff, JCR-2859.patch, OpenScopeLockTest.java
>
>
> The lock tokens for open scoped locks are currently tied to the session which created the lock. If the session dies (for whatever reason) there is no way to recover the lock and unlock the node.
> There is a theoretical way of adding the lock token to another session, but in most cases the lock token is not available.
> Fortunately, the spec allows to relax this behaviour and I think it would make sense to allow all sessions from the same user to unlock the node - this is still in compliance with the spec but would make unlocked locked nodes possible in a programmatic way.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira