jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Short <...@benshort.co.uk>
Subject Re: ACL and jackrabbit security configuration
Date Wed, 03 Feb 2010 19:21:37 GMT
You now have to create users/groups and set the ALC on the nodes you want
those users to access.

You can get the UserManager as follows...


Session session = repository.login(new SimpleCredentials("admin",
"admin".toCharArray()));

UserManager um = ((JackrabbitSession) session).getUserManager();

User user = um.createUser("john", "doe");


And assign some ALC as follows...

AccessControlManager acm = session.getAccessControlManager();

AccessControlPolicyIterator it =
acm.getApplicablePolicies(testRootNode.getPath());
               while ( it.hasNext() ) {
                       AccessControlPolicy acp =
it.nextAccessControlPolicy();

                       Privilege[] privileges =
new Privilege[]{acm.privilegeFromName(Privilege.JCR_WRITE)};


 ((AccessControlList)acp).addAccessControlEntry(new
PrincipalImpl(user.getUserID()),
privileges);

                       acm .setPolicy(testRootNode.getPath(), acp);
               }

I hope this is of some help to you.

Also have a look at the security unit tests here [1]

[1]
http://svn.apache.org/repos/asf/jackrabbit/branches/2.0/jackrabbit-jcr-tests/src/main/java/org/apache/jackrabbit/test/api/security/


On 3 February 2010 16:14, Jan Michalica <jan.michalica@centire.com> wrote:

> Hi, I have tried to do so, but now no one (except admin and anonymous) is
> able
> to log in to repository. How do I configure DefaultLoginModule so that
> anyone
> can log in?
>
> Dne středa 03 února 2010 16:07:28 Ben Short napsal(a):
> > You need to configure Jackrabbit to use the DefaultAccessManager,
> > DefaultLoginModule
> > and DefaultSecurityManager
> >
> > 2010/2/3 Jan Michalica <jan.michalica@centire.com>
> >
> > > Hello,
> > > I am trying to use the new ACL (AccessControlList) API in Jackrabbit
> 2.0
> > > to manage permissions for documents stored in repository, however there
> > > is not very much documentation about it. So far I have understood that
> I
> > > need to obtain ACL (~policy) for the Node in question and then I can
> add
> > > ACL entries
> > > giving permissions to selected Principals. I suppose that the
> Principals
> > > not
> > > mentioned in ACL will have no permissions to that Node. (?) So far
> nice,
> > > however:
> > >
> > > When trying to obtain current ACL from Node, I have found out that
> there
> > > are
> > > no such objects - only one SimplePolicy object... How do I configure
> > > Jackrabbit
> > > to create this ACL on Node creation?
> > >
> > > Next problem is, how to obtaing Principal object for ACL entry? Will be
> > > an anonymous class returning name of logged user sufficient?
> > >
> > > Thanks for any help
> > >
> > > Btw. I am using SimpleAccessManager, SimpleSecurityManager and
> > > SimpleLoginModule in repository config - maybe these classes are 'too
> > > simple'
> > > to use ACL's - should I replace them with their Default* counterparts?
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message