jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Magnus Grimsell" <magnus.grims...@idainfront.se>
Subject SV: how does authorization works in jackrabbit?
Date Sun, 01 Oct 2006 19:47:21 GMT
Hi Michael,

Yes, I do mean access control.

After looking through the code it seems like the AccessManager will get invoked for every
hit in the result list.
I would like to implement a simple access control scheme based on node type. From a performance
point of view 
it would be good to avoid a check for every hit. On the other hand its simple to implement
a custom QueryManager that
narrows the search to only include the node types that the subject has access rights to, right?

Is there a suitable place to do the access control check that does not get called when performing
searches?

/Magnus

-----Ursprungligt meddelande-----
Från: Michael Neale [mailto:michael.neale@gmail.com]
Skickat: den 1 oktober 2006 19:00
Till: users@jackrabbit.apache.org
Ämne: Re: how does authorization works in jackrabbit?


Hi Magnus.
Firstly, I think by authorisation in this context you mean access control?
(authorisation is via JAAS I believe).

I worked out a little by plugging in a dummy AccessManager and looked at the
callbacks. I did not try it with searching though, but I gather it will use
it to honour the access rules with returning results - thus your acess list
lookups better be really fast and in memory !

Anyone else with real experience, please do share !

On 10/1/06, Magnus Grimsell <magnus.grimsell@idainfront.se> wrote:
>
> I would like to learn more how JackRabbit handles authorization to the
> repository content. Especially when it comes to searching.
> I've seen that there is a plugable AccessManager but I'm not sure how this
> is used to filter the search result.
> Can somebody point me to some documentation or where in the code to look?
>

Mime
View raw message