jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@day.com>
Subject Re: Jackrabbit 1.5 ACL Basics
Date Thu, 08 Jan 2009 11:49:05 GMT

> I found the builtin_nodetypes.xml file in the
> org.apache.jackrabbit.core.nodetype package that has helped me understand
> what the hierarchy must look like. 

the hierarchy doen't have to look like that.
it is the access control evaluation system used that
defines on whether the security content is stored within
the repository or if it isn't. and if this is the case how
the structure needs to look like.

the node type definitions present with the buildin-nodetypes
just represent the structure used by the examples i listed
in the previous mail. this isn't mandatory at all.

> I've concluded any node can be access
> controlled by assigning it the "rep:AccessControllable" mixin type, giving
> it a child node of primary type "rep:ACL" and this last one must have one
> child node of primary type "rep:ACE" for each entry in the list. If it's not
> too much asking, I'd appreciate anyone having a good understanding on this
> area to confirm my conclusion.

you shouldn't have to care about the content structure
after all. all you should need to do is using the security
API:

- getting the AccessControlManager from the session.
- retrieving the applicable policies for a specific node
- ev. modify the policies if possible (e.g. if it is
   an implementation of AccessControlList or some other
   modifiable implementation of the AccessControlPolicy).
- use AccessControlManager#setPolicy to place the policy
- and call save to have the policy taking effect.

hope that helps
angela


Mime
View raw message