jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felix Meschberger <fmesc...@gmail.com>
Subject Re: AW: AW: UserManagement
Date Tue, 23 Feb 2010 22:50:21 GMT

On 23.02.2010 09:45, Cech. Ulrich wrote:
> Thanks for answering without Eclipse :-))
> I tried to scan the Sling-Sourcecode for help, but the Sling-Code uses this snippet to
compare the new Passwort with the existent password, so this code should work somehow:
> Value[] pwdProperty = ((User)auth).getProperty("rep:password");

You must be referring to an old version of the Sling Jackrabbit
Usermanager bundle.

As of Jackrabbit 1.6 the rep:password (all rep: namespaced user node
properties, actually) are not exposed as Authorizable properties any
more and thus Sling does not use the rep:password any longer.

See the checkPassword method in [1]


(ducks and runs for answering a Sling question on the jackrabbit users
list ...)


> I am logged in the repository with the default 'admin'-account, so I should have all
neccessary rights, but this code returned pwdProperty with "null".
> AccessControlUtil deals with privileges on pathes, I don't find any helpful hint for
the problem with the user passwords.
> Ok, if "rep:password" is protected, than you will be right, that this doesn't work in
a findAuthorizables() methods.
> If my further problem with the properties of an authorizables is fixed, then I can find
another property for getting all registered users in the repository, but as long as these
methods only return empty lists, that would be difficult ;-)
> I searched the net, but to this topic there is really a big lack of documentation. If
I managed all these problems, I would like to write all these answers in the wiki or make
some tutorial on this.
> Perhaps you have some hint later (in the meantime I will start with the ACL topics).
> Thank you very much,
> Ulrich
> -----Ursprüngliche Nachricht-----
> Von: Ian Boston [mailto:ianboston@googlemail.com] Im Auftrag von Ian Boston
> Gesendet: Dienstag, 23. Februar 2010 10:10
> An: users@jackrabbit.apache.org
> Cc: users@jackrabbit.apache.org
> Betreff: Re: AW: UserManagement
>   rep:password is a protected property. Iirc you have to use
> accesscontrolutils to set it. Have a look in the sling/bundles/jcr/
> jackrabbit-accessmanager in apache sling to see an example of how.
> Also I don't think that you can use rep:password in a search.
> Unfortunately eclipse doesn't run on an iPhone so that's from memory ;)
> Ian
> Sent from my iPhone
> On 23 Feb 2010, at 07:17, "Cech. Ulrich" <Ulrich.Cech@aeb.de> wrote:
>> Hi Ian,
>> thanks for your response.
>> To 1 (changing password):
>> The problem here is that i get the NoSuchElementException while
>> calling:
>> Value[] pwdProperty = ((User)auth).getProperty("rep:password");
>> (copied from the Sling code)
>> If I call:
>> Authorizable a = um.getAuthorizable(userId); // 'um' is the normal
>> UserManager
>> Iterator<String> i = a.getPropertyNames();
>> The resulting iterator is empty, so it seams that there are no
>> properties for the user, what I think is not the case.
>> <You could add an ACL to the root node that dened jcr:all or
>> jcr:read for anonymous ?>
>> Good idea ;-)... shame on me
>> <You have to  use the UserManager and the search capabilities in
>> there, /rep:security is protected so a normal session wont be able
>> to get to it.>
>> Like Matt asked in his post, how can we search for "all" existing
>> users. I tried to find for example a special password with
>> "um.findAuthorizables("rep:password", "admin");" for users with
>> password "admin", but this also returned an empty iterator.
>> Thanks again,
>> Ulrich
>> Treffen Sie AEB vom 2.-4. M?rz 2010 auf der LogiMAT in Stuttgart.
>> Halle 5, Stand 407.
>> Weitere Informationen und Terminvereinbarung unter: www.aeb.de/logimat
> Treffen Sie AEB vom 2.-4. März 2010 auf der LogiMAT in Stuttgart. Halle 5, Stand 407.
> Weitere Informationen und Terminvereinbarung unter: www.aeb.de/logimat

View raw message