jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mihai Vasilache <mihai_vasila...@yahoo.com>
Subject Re: providing authorized access to users in repository (the Capability Model vs. ACL)
Date Mon, 07 Sep 2009 12:27:40 GMT
Hi,

I wrote some explanations on:
http://interfacesdesign.blogspot.com/2009/09/jaas-in-jackrabbit.html

Now i am realizing that my capability model approach it is quite complicated. But anyway...
You can try the default jackrabbit acl. it must be much easier. 

I like my implementation because is xpath based, i can use variables inside xpath and i do
not need to set acl permissions on each node i am creating.


Mihai

--- On Mon, 9/7/09, Mihai Vasilache <mihai_vasilache@yahoo.com> wrote:

From: Mihai Vasilache <mihai_vasilache@yahoo.com>
Subject: Re: providing authorized access to users in repository
To: users@jackrabbit.apache.org
Date: Monday, September 7, 2009, 8:47 AM

Actually i implemented the security using capability model instead ACL in my application.
I will send later some details.
The ideea is that you must understand jaas first (not so easy because there is not so much
documentation), then you must implement an org.apache.jackrabbit.core.security.AccessManager

a good start with some examples: http://www.jaasbook.com/

Mihai
--- On Fri, 9/4/09, Jukka Zitting <jukka.zitting@gmail.com> wrote:

From: Jukka Zitting <jukka.zitting@gmail.com>
Subject: Re: providing authorized access to users in repository
To: users@jackrabbit.apache.org
Date: Friday, September 4, 2009, 3:43 PM

Hi,

On Tue, Sep 1, 2009 at 12:10 PM, simer anand<simer.anand88@gmail.com> wrote:
>                   After following much about JAAS tutorials and also
> implemented the Jaas Authentication part  need to know about Jaas
> Authorizations. To do this i read the Jaas Authentication part but don't
> know how to implement it to repository so that different access is to be
> provided to the the nodes depending upon users.

Currently Jackrabbit only uses JAAS for authentication. Authorization
is based on an ACL-system specified in the JCR 2.0 drafts.

You can also extend Jackrabbit with a custom authorization mechanism
(including one based on JAAS) by implementing the internal Jackrabbit
security API.

BR,

Jukka Zitting

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message