You should include one item-descriptor tag for each item descriptor in the underlying repository for which you want to specify access rights. Unlike the item-descriptor tag in the SQL repository, the item-descriptor tag in the secured repository has just one attribute, name, which must be the same as the name attribute in the underlying repository’s item-descriptor tag.

Example:

<item-descriptor name="feature">
  <descriptor-acl value="..."/>
  <owner-property name="..."/>
  <acl-property name="..."/>
...
</item-descriptor>
item-descriptor Child Tags

An item-descriptor tag can enclose the following child tags:

 
loading table of contents...