jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marian Schedenig (qs)" <Marian.Schede...@qualysoft.com>
Subject Re: WebDAV and ACLs
Date Tue, 03 Mar 2009 13:49:34 GMT

Thanks for this feedback.


Angela Schreiber wrote:
> 
> for documentation please read the latest public review of jsr 283.
> there is not other further documentation available.
> 

Unfortunately, from what I can see, the public review pretty much only
states that access control is available and how permissions can be tested
through Session#checkPermission(). I guess I'll just have to browse through
the Jackrabbit classes (ACLProvider & co) to set permissions.


Angela Schreiber wrote:
> 
> for the principal-management LDAP story you need to write
> a custom PrincipalProvider or - alternatively - some tool that
> synchronizes the repository users with your LDAP.
> 

I've written a basic PrincipalProvider that wraps around my LDAP access
layer. I can't figure out how to configure Jackrabbit to use this provider
though. Also, I need access to the current session inside the provider, as
one type of LDAP we have to work with is an ActiveDirectory without
anonymous access, i.e. I need the currently authenticated principal's
credentials to access the LDAP.

I assume I also need a custom login module (as the principal provider
possibly can't work without valid credentials, and because I need to specify
how to authenticate a user anyway). Once these two are in place, can I
simply rely on the default principal, access and security managers to use
the ACL privileges already provided by Jackrabbit?

When all of this works, I suppose I just have to change my WebDAV handler
extensions to access Jackrabbit's ACLs through an ACLProvider instead of
accessing my own custom nodes.

Cheers,
Marian.

-- 
View this message in context: http://www.nabble.com/WebDAV-and-ACLs-tp22287762p22308954.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.


Mime
View raw message