jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felix Meschberger <fmesc...@gmail.com>
Subject Re: Jackrabbit 1.5 Security
Date Fri, 19 Dec 2008 07:57:12 GMT
Hi Bertil,

Thanks for providing these examples.

But your configuration setup confuses me: You really mean, that there
must be two identical configuration setups: Once in jaas.config and one
in repository.xml ?

Regards
Felix

Bertil Chapuis schrieb:
> I just have forget the configuration.
> 
> A jaas.config file directly in the repository folder.
> 
> Jackrabbit {
>   org.apache.jackrabbit.core.security.authentication.DefaultLoginModule
> required anonymousId="anonymous" adminId="admin"
> };
> 
> And the following for the security manager in the repository.xml file.
> 
>     <Security appName="Jackrabbit">
> 
>         <SecurityManager
> class="org.apache.jackrabbit.core.DefaultSecurityManager"
> workspaceName="security"></SecurityManager>
> 
>         <AccessManager
> class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager>
> 
>         <LoginModule
> class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
>  <param name="anonymousId" value="anonymous"/>
>            <!--
>               administrator user id (default value if param is missing
> is 'admin')
>             -->
>            <param name="adminId" value="admin"/>
>            <!--
>               optional parameter 'principalProvider'.
>               the value refers to the class name of the
> PrincipalProvider implementation.
>            -->
>            <!-- <param name="principalProvider" value="..."/> -->
>         </LoginModule>
>     </Security>
> 
> 
> Best regards,
> 
> Regards,
> 
> Bertil
> 
> 
> On Fri, Dec 19, 2008 at 8:37 AM, Bertil Chapuis <bchapuis@day.com
> <mailto:bchapuis@day.com>> wrote:
> 
>     Hi Dave,
> 
>     I just had made an example for that. There are probably better
>     solutions but here is the code (works only with Jackrabbit):
> 
>             // admin session
>             Repository repository = new TransientRepository();
>             SessionImpl session = (SessionImpl) repository.login(new
>     SimpleCredentials("admin", "admin".toCharArray()));
>            
>             // user management
>             UserManager userManager = session.getUserManager();
>            
>             User anonymous = (User)
>     userManager.getAuthorizable("anonymous");
>            
>             User user = (User) userManager.getAuthorizable("user");
>             if (user == null) user = userManager.createUser("user", "user");
> 
>             // right management
>             AccessControlManager accessControlManager =
>     session.getAccessControlManager();
>            
>             // forbid the view of the restricted area to anonymous
>             String restrictedArea = "/content/restrictedarea";
>             AccessControlPolicyIterator restrictedPolicies =
>     accessControlManager.getApplicablePolicies(restrictedArea);
>             JackrabbitAccessControlList restrictedPolicy =
>     (JackrabbitAccessControlList)
>     restrictedPolicies.nextAccessControlPolicy();
>             Privilege[] previewPrivileges =
>     accessControlManager.getSupportedPrivileges(restrictedArea);
>            
>             // also possible to set a map of restrictions
>             restrictedPolicy.addEntry(anonymous.getPrincipal(),
>     previewPrivileges, false);
>            
>             accessControlManager.setPolicy(restrictedArea,
>     restrictedPolicy);
>            
>             // apply the policy
>             session.save();
> 
>     If the node "/content/restrictedarea" exists in the repository, it
>     will only  be seen by the authentified users.
> 
>     Best Regards,
> 
>     Bertil Chapuis
> 
> 
> 
> 
>     On Thu, Dec 18, 2008 at 9:46 PM, daveg0
>     <bagel10002000@googlemail.com <mailto:bagel10002000@googlemail.com>>
>     wrote:
> 
> 
>         Hi,
> 
>         I have just built and deployed JackRabbit 1.5 and now want to
>         use some form
>         of Access Control on specific nodes.
> 
>         Is there any documentation about this or examples? From trawling
>         around the
>         source code, I can see that DefaultAccessManager,
>         DefaultLoginModule,
>         UserManagerImpl and DefaultLoginModule could be useful, but how
>         do I tie all
>         these together.
> 
>         For example how do I populate the repository with Users
>         initially, must I
>         use SimpleLogonModule to create the users and then switch over
>         to the
>         DefaultLoginModule. How do I configure these components in
>         repository.xml?
> 
>         regards,
> 
>         Dave Gough
> 
> 
>         --
>         View this message in context:
>         http://www.nabble.com/Jackrabbit-1.5-Security-tp21080602p21080602.html
>         Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
> 
> 
> 

Mime
View raw message