Return-Path: Delivered-To: apmail-jackrabbit-dev-archive@www.apache.org Received: (qmail 98248 invoked from network); 26 Feb 2009 09:05:44 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 26 Feb 2009 09:05:44 -0000 Received: (qmail 6186 invoked by uid 500); 26 Feb 2009 09:05:43 -0000 Delivered-To: apmail-jackrabbit-dev-archive@jackrabbit.apache.org Received: (qmail 6164 invoked by uid 500); 26 Feb 2009 09:05:43 -0000 Mailing-List: contact dev-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@jackrabbit.apache.org Delivered-To: mailing list dev@jackrabbit.apache.org Received: (qmail 6155 invoked by uid 99); 26 Feb 2009 09:05:43 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 26 Feb 2009 01:05:43 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of anchela@day.com designates 207.126.148.181 as permitted sender) Received: from [207.126.148.181] (HELO eu3sys201aog001.obsmtp.com) (207.126.148.181) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 26 Feb 2009 09:05:34 +0000 Received: from source ([72.14.220.152]) by eu3sys201aob001.postini.com ([207.126.154.11]) with SMTP ID DSNKSaZbSLxPRN3ZSOY/YiR6V7oQy+D213Xw@postini.com; Thu, 26 Feb 2009 09:05:14 UTC Received: by fg-out-1718.google.com with SMTP id 19so430078fgg.6 for ; Thu, 26 Feb 2009 01:05:11 -0800 (PST) Received: by 10.86.60.14 with SMTP id i14mr908743fga.21.1235639111767; Thu, 26 Feb 2009 01:05:11 -0800 (PST) Received: from ?10.0.0.120? (bsl-rtr.day.com [62.192.10.254]) by mx.google.com with ESMTPS id 12sm4283120fgg.43.2009.02.26.01.05.11 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 26 Feb 2009 01:05:11 -0800 (PST) Message-ID: <49A65BE2.5070201@day.com> Date: Thu, 26 Feb 2009 10:07:46 +0100 From: Angela Schreiber User-Agent: Thunderbird 2.0.0.18 (Windows/20081105) MIME-Version: 1.0 To: dev@jackrabbit.apache.org Subject: Re: Authentication about Jackrabbit References: <200902261629157039404@gmail.com> In-Reply-To: <200902261629157039404@gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org hi yanjie it depends on the jackrabbit version you are using prior to 1.5: - jackrabbit shipps with a simple LoginModule for authentication - ... and with a simple Access Manager to handle authorization - in order to achieve your goals you would need to write your own LoginModule and AccessManager implementation - and configure them in the repository.xml jackrabbit 1.5 in addition contains - early state implementation for the upcoming jsr283 security functionality (access control management) and jackrabbit specific extensions for user management. but this is still work in progress and may undergo heavy changes. - due to this fact the standard repository configuration doesn't expose that new functionality by default but still the simple version. - see the o.a.j.jackrabbit/api/jsr283/security and o.a.j.jackrabbit/api/security sections to get some ideas what's going to be present. regards angela yanjie wrote: > > HI everyone: > I login with "admin" and created a user "a" and didn' t join any group > , however the user "a" can create all delete node and seems to have all > privileges to handle the default workspace. why ? can I realize the > authentication to handle the workspace. For example , only I grant > privilege to a user , the user will have the privilege to handle the > specified path's nodes? > > Thanks! > > 2009-02-26 > yanjie