jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cheng Zhang <zhangyongji...@yahoo.com>
Subject Re: limit user's permission to read only
Date Tue, 30 Dec 2008 19:35:30 GMT
The problem is gone after I recreate the repository. Thank you, Todd.

-Kevin



----- Original Message ----
From: Todd Seiber <todd.seiber@gmail.com>
To: users@jackrabbit.apache.org
Sent: Monday, December 29, 2008 1:28:03 PM
Subject: Re: limit user's permission to read only

I have run this code against a newly initialized repositry and it is working
for me. How are you testing? Is it possible that there are other permissions
which are granting access?

On Mon, Dec 29, 2008 at 2:10 PM, Cheng Zhang <zhangyongjiang@yahoo.com>wrote:

> Hi,
>
> I'm new to Jackrabbit. Can anybody share me a piece of code about how to
> limit user's repository permission to read-only? My code below doesn't work.
>
>            Repository repo =
> RepositoryAccessServlet.getRepository(pageContext.getServletContext());
>            SessionImpl jcrsession = (SessionImpl) repo.login(new
> SimpleCredentials("admin", "admin".toCharArray()));
>            UserManager userManager = jcrsession.getUserManager();
>            User user = (User) userManager.getAuthorizable("anonymous");
>            AccessControlManager accessControlManager =
> jcrsession.getAccessControlManager();
>            String restrictedArea = "/";
>
>  org.apache.jackrabbit.api.jsr283.security.AccessControlPolicyIterator
> restrictedPolicies =
>                accessControlManager.getApplicablePolicies(restrictedArea);
>
>  org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList
> restrictedPolicy =
>
>  (org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList)
> restrictedPolicies.nextAccessControlPolicy();
>            Privilege[] readonlyPrivileges = {
>
>  accessControlManager.privilegeFromName(Privilege.JCR_READ),
>
>  accessControlManager.privilegeFromName(Privilege.JCR_READ_ACCESS_CONTROL),
>            };
>
>            restrictedPolicy.addEntry(user.getPrincipal(),
> readonlyPrivileges, true);
>            accessControlManager.setPolicy(restrictedArea,
> restrictedPolicy);
>
>            jcrsession.save();
>            jcrsession.logout();
>
>
> Your kind help is appreciated greatly.
>
> Thanks a lot,
> Kevin
>



-- 
Todd Seiber
830 Fishing Creek Rd.
New Cumberland, PA 17070

h. 717-938-5778
c. 717-497-1742
e. todd.seiber@gmail.com


Mime
View raw message