1. Get an administrative resource resolver -- will have admin access even without passing any credentials and depreciated as it is not good practice. As it will give full access to add/delete/modify to the nodes for all requests.
3. Resource resolver from the request in a servlet (hit on author) after providing admin credentials as "basic authentication" say in postman. -- Will have the access of the logged in user, if user is admin, we can get admin access from request or if user is not having delete access, performing delete will throw exception