jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cory Prowse <c...@prowse.com>
Subject Re: DefaultAccessManager denies all access?
Date Wed, 28 Jul 2010 06:08:16 GMT
Ah it is probably worth mentioning I am deplying the JCA of JackRabbit to Glassfish.

 -- Cory

On 28/07/2010, at 3:32 PM, Cory Prowse wrote:

> I too have been struggling with security access in JackRabbit 2.1.0 these past few days.
> 
> I am attempting a proof of concept which allows adding nodes and specifying which users/groups
can view them, so that only the nodes the currently logged in user has access to will be shown.
> 
> When I attempt to use DefaultAccessManager I get:
>  javax.jcr.AccessDeniedException: cannot read item cafebabe-cafe-babe-cafe-babecafebabe
> 
> This is my config:
>        <Security appName="Jackrabbit">
>                <!-- <AccessManager class="org.apache.jackrabbit.core.security.simple.SimpleAccessManager"
/> -->
>                <AccessManager class="org.apache.jackrabbit.core.security.DefaultAccessManager"
/>
> 
>                <LoginModule class="org.apache.jackrabbit.core.security.simple.SimpleLoginModule">
>                        <param name="anonymousId" value="ANONYMOUS" />
>                </LoginModule>
>        </Security>
> 
> This exception occurs when I ask the session for the root node.
> 
> Not quite following how to hook up security properly here, am I doing something obviously
wrong?
> 
> -- Cory
> 
> 
> On 28/07/2010, at 5:37 AM, Alexander Klimetschek wrote:
> 
>> I am currently working on a wiki page for that:
>> http://wiki.apache.org/jackrabbit/AccessControl
>> 
>> Expect more in the coming days.
>> 
>> Regards,
>> Alex
>> 
>> On Tue, Jul 27, 2010 at 15:51, Joel Feenstra <jrfeenst@gmail.com> wrote:
>>> Hi,
>>> I'm working on adding some authentication/authorization to our application
>>> which uses Jackrabbit 2.1. How can I best control access to a node (and it's
>>> children) so that one user has read/write access to the subtree, but all
>>> other users don't have any access (not even read access).
>>> 
>>> I've looked at using the principal based ACLProvider, but I can't find any
>>> examples detailing how to actually use it.
>>> 
>>> Thanks,
>>> Joel
>>> jrfeenst@gmail.com
>>> 
>> 
>> 
>> 
>> -- 
>> Alexander Klimetschek
>> alexander.klimetschek@day.com
> 


Mime
View raw message