Return-Path: Delivered-To: apmail-jackrabbit-users-archive@minotaur.apache.org Received: (qmail 81329 invoked from network); 10 Mar 2009 22:28:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 10 Mar 2009 22:28:36 -0000 Received: (qmail 56377 invoked by uid 500); 10 Mar 2009 22:28:34 -0000 Delivered-To: apmail-jackrabbit-users-archive@jackrabbit.apache.org Received: (qmail 56366 invoked by uid 500); 10 Mar 2009 22:28:34 -0000 Mailing-List: contact users-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@jackrabbit.apache.org Delivered-To: mailing list users@jackrabbit.apache.org Received: (qmail 56355 invoked by uid 99); 10 Mar 2009 22:28:34 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Mar 2009 15:28:34 -0700 X-ASF-Spam-Status: No, hits=2.2 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of Erik.W.Mattheis@espn.com designates 192.234.2.156 as permitted sender) Received: from [192.234.2.156] (HELO mx003.espn.com) (192.234.2.156) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Mar 2009 22:28:26 +0000 Received: from xchgrtr4.corp.espn.pvt (xchgrtr4.corp.espn.pvt [172.17.129.104]) by mx003.espn.com (8.14.3/8.14.3) with ESMTP id n2AMS4Fn027348 for ; Tue, 10 Mar 2009 18:28:05 -0400 Received: from XCHGBRSHUB2.corp.espn.pvt ([172.22.236.93]) by xchgrtr4.corp.espn.pvt with Microsoft SMTPSVC(6.0.3790.3959); Tue, 10 Mar 2009 18:28:04 -0400 Received: from xchgbrs2.corp.espn.pvt ([fe80::69c1:fd6e:238d:4826]) by XCHGBRSHUB2.corp.espn.pvt ([172.22.236.93]) with mapi; Tue, 10 Mar 2009 18:28:04 -0400 From: "Mattheis, Erik W." To: "users@jackrabbit.apache.org" Date: Tue, 10 Mar 2009 18:28:03 -0400 Subject: ACL Tutorial Thread-Topic: ACL Tutorial Thread-Index: Acmhz3nEtI1ZRe92N0mTm58vpDfufA== Message-ID: Accept-Language: en-US Content-Language: en X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_C5DC61B3423Berikwmattheisespncom_" MIME-Version: 1.0 X-OriginalArrivalTime: 10 Mar 2009 22:28:04.0679 (UTC) FILETIME=[7AC4CD70:01C9A1CF] X-Virus-Checked: Checked by ClamAV on apache.org --_000_C5DC61B3423Berikwmattheisespncom_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Is there a guide to using the ACL features in 1.5? I've started digging int= o the extension points and it seems pretty straightforward, but I'm not cle= ar on the default behavior. I'm using JBoss with a custom JAAS LoginModule = that authenticates users against our corporate directory and fetches their = roles. We use this loginmodule for existing web and ejb applications so I k= now the standard role-based security works. It looks like I can set the app= ropriate JAAS name in the repository configuration and my roles will be ava= ilable to Jackrabbit. The part I'm fuzzy on is how to map roles to read/wri= te permissions at the node level. Any help is greatly appreciated... --_000_C5DC61B3423Berikwmattheisespncom_--