jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marian Schedenig (qs)" <Marian.Schede...@qualysoft.com>
Subject Re: WebDAV and ACLs
Date Thu, 02 Apr 2009 16:24:25 GMT

Hi again,

I've finally gotten back to dealing with this and changed my approach. I now
have a working principal provider working with DefaultSecurityManager,
DefaultAccessManager and a slightly modified SimpleLoginModule (which takes
care of checking the credential's password against the LDAP directory). As
far as I can see, this already honors the JCR's ACL policies:

- On the root level, only the admin principal can write, everyone else (who
can be authenticated) can read.
- In a special sub folder, where I created a custom ACL policy for my own
user, this user can write.

So what's left now is the WebDAV part.

Angela Schreiber wrote:
> after all i'd say the prefered way would be to make your webdav
> resource implement
> the org.apache.jackrabbit.webdav.security.AclResource and let the
> implementation
> act on the AccessControlManager. but that's just my feeling... i
> didn't check whether
> it's feasible.

This sounds like a good (i.e. compatible) solution. After poking around in
the WebDAV servlet code, I've figured out that the servlet uses a
ResourceFactory to create new DavResource instances, none of which are
AclResources (obviously). The best way to get AclResources seems to be
creating a decorator adding the ACL bits fo the resources created by the
original ResourceFactoryImpl (or perhaps several decorators, depending on
which types of DavResource classes are actually expected by the servlet).

The part I haven't figured out yet is how to specify my own ResourceFactory
- the servlet has a setter method, but that never gets called (resulting in
it creating a new default instance the first time the factory is requested),
and I can't find anything in the config files, either. I'm developing this
on Tomcat (for now).


View this message in context: http://www.nabble.com/WebDAV-and-ACLs-tp22287762p22851106.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.

View raw message