...
MAYBE (Bruce thought he saw it was, but Dave found a comment to the contrary) - fine grained authorization/security (would need to know how users and groups are represented)
Additional comments from Dave:
The JBOSS DNA project didn't actually implement authorization, just authentication (with JAAS):
http://docs.jboss.org/jbossdna/0.2/manuals/reference/html/environment.html#authorization
Jackrabbit's JCR 2.0 impl ... looks like they DID implement a nice looking Node-level hierarchical authorization scheme. Their wiki discusses the features and pros/cons for the different styles of authZ:
http://wiki.apache.org/jackrabbit/AccessControl?highlight=%28authorization%29
but the API clearly has Resource (Node) based authorization actually implemented in it:
http://jackrabbit.apache.org/api/2.2/org/apache/jackrabbit/api/security/JackrabbitAccessControlList.html
Given that and their nice SVN/CVS like versioning, the 2.0 spec impl looks a lot more attractive that the 1.x impl.
YES, by leveraging content nodes to represent this metadata - meta data for users and groups
...