jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@day.com>
Subject Re: Workspace access denied exception
Date Thu, 03 Jun 2010 07:08:41 GMT

> Regarding your first two points would you be able to provide more
> information on how i would go about changing the example to allow two users.
> I am afraid my knowledge of jackrabbit and JCR 2.0 is still very basic. 

that were just my initial guesses what could be the reason for the problem.

> Do i have to change the way in which the users are created or do i have to
> change the defaultsecuritymanager impl so that it allow access to the root
> node?

in the current setup you could check if your user is allowed to
read the root node either by looking at the acl or by calling
jackrabbitaccesscontrolmanager#hasprivileges(path,principals,privs)

-> if your user was allowed to access the root node, then it
    could be a bug too.

alternatively you could

- change the securitymanager configuration to use a different
   implementation for the workspace access checks
   e.g. o.a.j.core.security.simple.SimpleWorkspaceAccessManager

   <SecurityManager class="..." ...>
      <WorkspaceAccessManager class="..."/>
   </SecurityManager>

- if you wish to avoid having an extra workspace storing your
   users and groups, you may use another sec-mgr implementation.
   e.g. o.a.j.core.UserPerWorkspaceSecurityManager
   this one stores users/groups separately in each workspace and
   allows to have different properties (user even different pw) in
   each workspace.

it depends a bit on your needs...
hope that helps

angela

> Many thanks for your time helping with this.
> 
> Regards
> 
> Will


Mime
View raw message