jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Michalica <jan.michal...@centire.com>
Subject Re: ACL and jackrabbit security configuration
Date Fri, 05 Feb 2010 15:52:38 GMT
Thank you many times, that is exactly what I was looking for.

Dne středa 03 února 2010 20:21:37 Ben Short napsal(a):
> You now have to create users/groups and set the ALC on the nodes you want
> those users to access.
>
> You can get the UserManager as follows...
>
>
> Session session = repository.login(new SimpleCredentials("admin",
> "admin".toCharArray()));
>
> UserManager um = ((JackrabbitSession) session).getUserManager();
>
> User user = um.createUser("john", "doe");
>
>
> And assign some ALC as follows...
>
> AccessControlManager acm = session.getAccessControlManager();
>
> AccessControlPolicyIterator it =
> acm.getApplicablePolicies(testRootNode.getPath());
>                while ( it.hasNext() ) {
>                        AccessControlPolicy acp =
> it.nextAccessControlPolicy();
>
>                        Privilege[] privileges =
> new Privilege[]{acm.privilegeFromName(Privilege.JCR_WRITE)};
>
>
>  ((AccessControlList)acp).addAccessControlEntry(new
> PrincipalImpl(user.getUserID()),
> privileges);
>
>                        acm .setPolicy(testRootNode.getPath(), acp);
>                }
>
> I hope this is of some help to you.
>
> Also have a look at the security unit tests here [1]
>
> [1]
> http://svn.apache.org/repos/asf/jackrabbit/branches/2.0/jackrabbit-jcr-test
>s/src/main/java/org/apache/jackrabbit/test/api/security/
>
> On 3 February 2010 16:14, Jan Michalica <jan.michalica@centire.com> wrote:
> > Hi, I have tried to do so, but now no one (except admin and anonymous) is
> > able
> > to log in to repository. How do I configure DefaultLoginModule so that
> > anyone
> > can log in?
> >
> > Dne středa 03 února 2010 16:07:28 Ben Short napsal(a):
> > > You need to configure Jackrabbit to use the DefaultAccessManager,
> > > DefaultLoginModule
> > > and DefaultSecurityManager
> > >
> > > 2010/2/3 Jan Michalica <jan.michalica@centire.com>
> > >
> > > > Hello,
> > > > I am trying to use the new ACL (AccessControlList) API in Jackrabbit
> >
> > 2.0
> >
> > > > to manage permissions for documents stored in repository, however
> > > > there is not very much documentation about it. So far I have
> > > > understood that
> >
> > I
> >
> > > > need to obtain ACL (~policy) for the Node in question and then I can
> >
> > add
> >
> > > > ACL entries
> > > > giving permissions to selected Principals. I suppose that the
> >
> > Principals
> >
> > > > not
> > > > mentioned in ACL will have no permissions to that Node. (?) So far
> >
> > nice,
> >
> > > > however:
> > > >
> > > > When trying to obtain current ACL from Node, I have found out that
> >
> > there
> >
> > > > are
> > > > no such objects - only one SimplePolicy object... How do I configure
> > > > Jackrabbit
> > > > to create this ACL on Node creation?
> > > >
> > > > Next problem is, how to obtaing Principal object for ACL entry? Will
> > > > be an anonymous class returning name of logged user sufficient?
> > > >
> > > > Thanks for any help
> > > >
> > > > Btw. I am using SimpleAccessManager, SimpleSecurityManager and
> > > > SimpleLoginModule in repository config - maybe these classes are 'too
> > > > simple'
> > > > to use ACL's - should I replace them with their Default*
> > > > counterparts?


Mime
View raw message