jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Micah Whitacre" <mkwhita...@gmail.com>
Subject Required Admin/System user
Date Fri, 29 Aug 2008 20:50:37 GMT
I noticed that progress was recently made on implementing the
access/security features of JSR 283 in the 1.5-SNAPSHOT.  After
pulling down the snapshots and without making any changes to my
repository.xml file I noticed what seems to be a nonpassive change.
In my repository.xml file I have:

    <Security appName="Jackrabbit">
        <AccessManager
            class="org.apache.jackrabbit.core.security.SimpleAccessManager">
        </AccessManager>
        <LoginModule
            class="org.apache.jackrabbit.core.security.simple.SimpleLoginModule">
        </LoginModule>
      <SecurityManager
class="org.apache.jackrabbit.core.security.simple.SimpleSecurityManager">
      </SecurityManager>
    </Security>

Notice I don't have any specific user configured as the admin or
system user.  I do this because I don't care what users can change
what in the repository (access is checked a level higher).  However
with this configuration I get the following exceptions when trying to
run:

Caused by: javax.jcr.AccessDeniedException: /: not allowed to modify item
	at org.apache.jackrabbit.core.ItemImpl.validateTransientItems(ItemImpl.java:411)
	at org.apache.jackrabbit.core.ItemImpl.save(ItemImpl.java:1058)
	at com.cerner.system.configuration.repository.jcr.JCRSession.<init>(JCRSession.java:126)
	... 26 more

The code that causes this exception is creating a child node of the
root node and specifically the exception is thrown on rootNode.save().

This change seems like it is non-passive, so I wasn't sure if this was
an intentional change or something I should log as a bug to track?  I
have figured out how to get around it by implementing/configuring a
custom login module but wanted to check that would be necessary.

Thanks for your help,
Micah

Mime
View raw message