it depends on the jackrabbit version you are using
prior to 1.5:
- jackrabbit shipps with a simple LoginModule for authentication
- ... and with a simple Access Manager to handle authorization
- in order to achieve your goals you would need to write your
own LoginModule and AccessManager implementation
- and configure them in the repository.xml
jackrabbit 1.5 in addition contains
- early state implementation for the upcoming jsr283 security
functionality (access control management) and
jackrabbit specific extensions for user management.
but this is still work in progress and may undergo
- due to this fact the standard repository configuration
doesn't expose that new functionality by default but
still the simple version.
- see the o.a.j.jackrabbit/api/jsr283/security and
o.a.j.jackrabbit/api/security sections to get some
ideas what's going to be present.
> HI everyone:
> I login with "admin" and created a user "a" and didn' t join any group
> , however the user "a" can create all delete node and seems to have all
> privileges to handle the default workspace. why ? can I realize the
> authentication to handle the workspace. For example , only I grant
> privilege to a user , the user will have the privilege to handle the
> specified path's nodes?