jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bertil Chapuis" <bchap...@day.com>
Subject Re: Jackrabbit 1.5 Security
Date Fri, 19 Dec 2008 07:37:05 GMT
Hi Dave,

I just had made an example for that. There are probably better solutions but
here is the code (works only with Jackrabbit):

        // admin session
        Repository repository = new TransientRepository();
        SessionImpl session = (SessionImpl) repository.login(new
SimpleCredentials("admin", "admin".toCharArray()));

        // user management
        UserManager userManager = session.getUserManager();

        User anonymous = (User) userManager.getAuthorizable("anonymous");

        User user = (User) userManager.getAuthorizable("user");
        if (user == null) user = userManager.createUser("user", "user");

        // right management
        AccessControlManager accessControlManager =
session.getAccessControlManager();

        // forbid the view of the restricted area to anonymous
        String restrictedArea = "/content/restrictedarea";
        AccessControlPolicyIterator restrictedPolicies =
accessControlManager.getApplicablePolicies(restrictedArea);
        JackrabbitAccessControlList restrictedPolicy =
(JackrabbitAccessControlList) restrictedPolicies.nextAccessControlPolicy();
        Privilege[] previewPrivileges =
accessControlManager.getSupportedPrivileges(restrictedArea);

        // also possible to set a map of restrictions
        restrictedPolicy.addEntry(anonymous.getPrincipal(),
previewPrivileges, false);

        accessControlManager.setPolicy(restrictedArea, restrictedPolicy);

        // apply the policy
        session.save();

If the node "/content/restrictedarea" exists in the repository, it will
only  be seen by the authentified users.

Best Regards,

Bertil Chapuis



On Thu, Dec 18, 2008 at 9:46 PM, daveg0 <bagel10002000@googlemail.com>wrote:

>
> Hi,
>
> I have just built and deployed JackRabbit 1.5 and now want to use some form
> of Access Control on specific nodes.
>
> Is there any documentation about this or examples? From trawling around the
> source code, I can see that DefaultAccessManager, DefaultLoginModule,
> UserManagerImpl and DefaultLoginModule could be useful, but how do I tie
> all
> these together.
>
> For example how do I populate the repository with Users initially, must I
> use SimpleLogonModule to create the users and then switch over to the
> DefaultLoginModule. How do I configure these components in repository.xml?
>
> regards,
>
> Dave Gough
>
>
> --
> View this message in context:
> http://www.nabble.com/Jackrabbit-1.5-Security-tp21080602p21080602.html
> Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message