Skip to content
Permalink
Browse files
Update oak-doc/src/site/markdown/security/authorization/bestpractices.md
Co-authored-by: Jörg Hoh <joerghoh@users.noreply.github.com>
  • Loading branch information
anchela and joerghoh committed May 18, 2022
1 parent 3e97945 commit ce2698211da817a3789c8f98032fdb8de219183b
Showing 1 changed file with 1 addition and 1 deletion.
@@ -96,7 +96,7 @@ given role/task

All authorization models present with Apache Jackrabbbit Oak start without any access granted by default i.e.
implicit deny everywhere. It is therefore recommended to only grant access where needed and avoid adding explicit
deny access control entries. In particular in combination with subsequent allows the overall effect will be hard to
deny access control entries. In particular in combination with subsequent ```allow``` rules the overall effect will be hard to
understand as soon as multiple principals are contained in a given subject.

Be wary if you find yourself adding combinations of denies and allows as it might highlight problematic patterns in

0 comments on commit ce26982

Please sign in to comment.