jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bertil Chapuis" <bchap...@day.com>
Subject Re: Jackrabbit 1.5 Security
Date Fri, 19 Dec 2008 08:11:54 GMT
Hi Felix,

Your are right. I have run the example without the jaas.config file and it
works.

Regards,

Bertil




On Fri, Dec 19, 2008 at 8:57 AM, Felix Meschberger <fmeschbe@gmail.com>wrote:

> Hi Bertil,
>
> Thanks for providing these examples.
>
> But your configuration setup confuses me: You really mean, that there
> must be two identical configuration setups: Once in jaas.config and one
> in repository.xml ?
>
> Regards
> Felix
>
> Bertil Chapuis schrieb:
> > I just have forget the configuration.
> >
> > A jaas.config file directly in the repository folder.
> >
> > Jackrabbit {
> >   org.apache.jackrabbit.core.security.authentication.DefaultLoginModule
> > required anonymousId="anonymous" adminId="admin"
> > };
> >
> > And the following for the security manager in the repository.xml file.
> >
> >     <Security appName="Jackrabbit">
> >
> >         <SecurityManager
> > class="org.apache.jackrabbit.core.DefaultSecurityManager"
> > workspaceName="security"></SecurityManager>
> >
> >         <AccessManager
> >
> class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager>
> >
> >         <LoginModule
> >
> class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
> >  <param name="anonymousId" value="anonymous"/>
> >            <!--
> >               administrator user id (default value if param is missing
> > is 'admin')
> >             -->
> >            <param name="adminId" value="admin"/>
> >            <!--
> >               optional parameter 'principalProvider'.
> >               the value refers to the class name of the
> > PrincipalProvider implementation.
> >            -->
> >            <!-- <param name="principalProvider" value="..."/> -->
> >         </LoginModule>
> >     </Security>
> >
> >
> > Best regards,
> >
> > Regards,
> >
> > Bertil
> >
> >
> > On Fri, Dec 19, 2008 at 8:37 AM, Bertil Chapuis <bchapuis@day.com
> > <mailto:bchapuis@day.com>> wrote:
> >
> >     Hi Dave,
> >
> >     I just had made an example for that. There are probably better
> >     solutions but here is the code (works only with Jackrabbit):
> >
> >             // admin session
> >             Repository repository = new TransientRepository();
> >             SessionImpl session = (SessionImpl) repository.login(new
> >     SimpleCredentials("admin", "admin".toCharArray()));
> >
> >             // user management
> >             UserManager userManager = session.getUserManager();
> >
> >             User anonymous = (User)
> >     userManager.getAuthorizable("anonymous");
> >
> >             User user = (User) userManager.getAuthorizable("user");
> >             if (user == null) user = userManager.createUser("user",
> "user");
> >
> >             // right management
> >             AccessControlManager accessControlManager =
> >     session.getAccessControlManager();
> >
> >             // forbid the view of the restricted area to anonymous
> >             String restrictedArea = "/content/restrictedarea";
> >             AccessControlPolicyIterator restrictedPolicies =
> >     accessControlManager.getApplicablePolicies(restrictedArea);
> >             JackrabbitAccessControlList restrictedPolicy =
> >     (JackrabbitAccessControlList)
> >     restrictedPolicies.nextAccessControlPolicy();
> >             Privilege[] previewPrivileges =
> >     accessControlManager.getSupportedPrivileges(restrictedArea);
> >
> >             // also possible to set a map of restrictions
> >             restrictedPolicy.addEntry(anonymous.getPrincipal(),
> >     previewPrivileges, false);
> >
> >             accessControlManager.setPolicy(restrictedArea,
> >     restrictedPolicy);
> >
> >             // apply the policy
> >             session.save();
> >
> >     If the node "/content/restrictedarea" exists in the repository, it
> >     will only  be seen by the authentified users.
> >
> >     Best Regards,
> >
> >     Bertil Chapuis
> >
> >
> >
> >
> >     On Thu, Dec 18, 2008 at 9:46 PM, daveg0
> >     <bagel10002000@googlemail.com <mailto:bagel10002000@googlemail.com>>
> >     wrote:
> >
> >
> >         Hi,
> >
> >         I have just built and deployed JackRabbit 1.5 and now want to
> >         use some form
> >         of Access Control on specific nodes.
> >
> >         Is there any documentation about this or examples? From trawling
> >         around the
> >         source code, I can see that DefaultAccessManager,
> >         DefaultLoginModule,
> >         UserManagerImpl and DefaultLoginModule could be useful, but how
> >         do I tie all
> >         these together.
> >
> >         For example how do I populate the repository with Users
> >         initially, must I
> >         use SimpleLogonModule to create the users and then switch over
> >         to the
> >         DefaultLoginModule. How do I configure these components in
> >         repository.xml?
> >
> >         regards,
> >
> >         Dave Gough
> >
> >
> >         --
> >         View this message in context:
> >
> http://www.nabble.com/Jackrabbit-1.5-Security-tp21080602p21080602.html
> >         Sent from the Jackrabbit - Users mailing list archive at
> Nabble.com.
> >
> >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message