jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@day.com>
Subject Re: Jackrabbit Security -> commit to trunk
Date Wed, 19 Mar 2008 14:15:10 GMT
hi all

committed to the trunk

there were more devs recommending a commit to the
trunk. in initial commit is present with revision 638834.

as stated in my original mail, the full 283 compliant
ac stuff is not completed yet (and major parts are still
not tested very well).

simple implementation to ease of transition

in order not to cause to much troubles for the
other committers, i created a replacement for the
existing 'SimpleAccessManager' that applies the
original logic but still make a first step toward
JSR 283 security functionality.

test are passing

this SimpleSecurityManager is currently used with the
default configuration both in jackrabbit-core and in jcr2spi.
existing tests all passed and i didn't detect
major problems while build the complete jackrabbit.

next steps

once the security stuff is more mature this simple
solution will be replace by DefaultSecurityManager
and some real, editable and more complex ac-policy


if you are curious about that, you may change the
repository configuration to have
- SecurityManager element -> o.a.j.core.DefaultSecurityManager.java
- AccessManager element -> o.a.j.core.security.DefaultAccessManager.java
- LoginModule element -> 
- make sure the repositoryStubImpl.properties refer to
   existing users.

kind regards

ps: i was struggling with the DOCTYPE in the various
repository.xml files and decided to temporarily modify
the link to the DTD to point to
instead of the http://jackrabbit.apache.org/dtd/repository-1.5.dtd
(which turned out to have a bug). sorry for that!

View raw message