jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Brossard <david.bross...@gmail.com>
Subject Access Control in Jackrabbit
Date Thu, 25 Feb 2010 16:31:01 GMT
Hi folks,

I am new to this list and to Jackrabbit. My interest lies mainly in JCR
rather than Jackrabbit per se...

I downloaded and started running Jackrabbit on top of my own webapp. Very
smooth beginning, no probs. I wanted to play around with security so I:

(a) had a look at repository.xml
(b) edited <AccessManager class=" to point to a class I wrote and that is an
exact copy of org.apache.jackrabbit.core.security.simple.SimpleAccessManager
(c) started looking at the session and the context objects

>From what I can see I can find the subject object which lets me know who
authenticated. I can also retrieve the userid from the session...

But I would now like to know what node the user is trying to access. If I
want some smart access control, it should take into account the target of
the user's request. I couldn't find anything like that.

In addition, what is the AccessControlManager and what policies is it
referring to?


View raw message