jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bertil Chapuis" <bchap...@day.com>
Subject Re: Jackrabbit 1.5 Security
Date Fri, 19 Dec 2008 07:48:57 GMT
I just have forget the configuration.

A jaas.config file directly in the repository folder.

Jackrabbit {
  org.apache.jackrabbit.core.security.authentication.DefaultLoginModule
required anonymousId="anonymous" adminId="admin"
};

And the following for the security manager in the repository.xml file.

    <Security appName="Jackrabbit">

        <SecurityManager
class="org.apache.jackrabbit.core.DefaultSecurityManager"
workspaceName="security"></SecurityManager>

        <AccessManager
class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager>

        <LoginModule
class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
 <param name="anonymousId" value="anonymous"/>
           <!--
              administrator user id (default value if param is missing is
'admin')
            -->
           <param name="adminId" value="admin"/>
           <!--
              optional parameter 'principalProvider'.
              the value refers to the class name of the PrincipalProvider
implementation.
           -->
           <!-- <param name="principalProvider" value="..."/> -->
        </LoginModule>
    </Security>


Best regards,

Regards,

Bertil


On Fri, Dec 19, 2008 at 8:37 AM, Bertil Chapuis <bchapuis@day.com> wrote:

> Hi Dave,
>
> I just had made an example for that. There are probably better solutions
> but here is the code (works only with Jackrabbit):
>
>         // admin session
>         Repository repository = new TransientRepository();
>         SessionImpl session = (SessionImpl) repository.login(new
> SimpleCredentials("admin", "admin".toCharArray()));
>
>         // user management
>         UserManager userManager = session.getUserManager();
>
>         User anonymous = (User) userManager.getAuthorizable("anonymous");
>
>         User user = (User) userManager.getAuthorizable("user");
>         if (user == null) user = userManager.createUser("user", "user");
>
>         // right management
>         AccessControlManager accessControlManager =
> session.getAccessControlManager();
>
>         // forbid the view of the restricted area to anonymous
>         String restrictedArea = "/content/restrictedarea";
>         AccessControlPolicyIterator restrictedPolicies =
> accessControlManager.getApplicablePolicies(restrictedArea);
>         JackrabbitAccessControlList restrictedPolicy =
> (JackrabbitAccessControlList) restrictedPolicies.nextAccessControlPolicy();
>         Privilege[] previewPrivileges =
> accessControlManager.getSupportedPrivileges(restrictedArea);
>
>         // also possible to set a map of restrictions
>         restrictedPolicy.addEntry(anonymous.getPrincipal(),
> previewPrivileges, false);
>
>         accessControlManager.setPolicy(restrictedArea, restrictedPolicy);
>
>         // apply the policy
>         session.save();
>
> If the node "/content/restrictedarea" exists in the repository, it will
> only  be seen by the authentified users.
>
> Best Regards,
>
> Bertil Chapuis
>
>
>
>
> On Thu, Dec 18, 2008 at 9:46 PM, daveg0 <bagel10002000@googlemail.com>wrote:
>
>>
>> Hi,
>>
>> I have just built and deployed JackRabbit 1.5 and now want to use some
>> form
>> of Access Control on specific nodes.
>>
>> Is there any documentation about this or examples? From trawling around
>> the
>> source code, I can see that DefaultAccessManager, DefaultLoginModule,
>> UserManagerImpl and DefaultLoginModule could be useful, but how do I tie
>> all
>> these together.
>>
>> For example how do I populate the repository with Users initially, must I
>> use SimpleLogonModule to create the users and then switch over to the
>> DefaultLoginModule. How do I configure these components in repository.xml?
>>
>> regards,
>>
>> Dave Gough
>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Jackrabbit-1.5-Security-tp21080602p21080602.html
>> Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
>>
>>
>

Mime
View raw message