Return-Path: Delivered-To: apmail-jackrabbit-users-archive@minotaur.apache.org Received: (qmail 52124 invoked from network); 10 Dec 2010 11:18:26 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 10 Dec 2010 11:18:26 -0000 Received: (qmail 38876 invoked by uid 500); 10 Dec 2010 11:18:25 -0000 Delivered-To: apmail-jackrabbit-users-archive@jackrabbit.apache.org Received: (qmail 38696 invoked by uid 500); 10 Dec 2010 11:18:25 -0000 Mailing-List: contact users-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@jackrabbit.apache.org Delivered-To: mailing list users@jackrabbit.apache.org Received: (qmail 38688 invoked by uid 99); 10 Dec 2010 11:18:25 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 10 Dec 2010 11:18:25 +0000 X-ASF-Spam-Status: No, hits=1.5 required=10.0 tests=FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of yusuf.aaji@gmail.com designates 209.85.216.42 as permitted sender) Received: from [209.85.216.42] (HELO mail-qw0-f42.google.com) (209.85.216.42) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 10 Dec 2010 11:18:18 +0000 Received: by qwj8 with SMTP id 8so3717967qwj.1 for ; Fri, 10 Dec 2010 03:17:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:in-reply-to :references:from:date:message-id:subject:to:content-type; bh=ld+5Yu5UrNnIbOKmjuPQtH0s0ASCRkSibuUosvjVPbk=; b=Xabtsx3HpJMDKf0rtY4R/2ZM2w5PJkhS4xntZag6yUcfb4ZRFJf7+jQE5Pb3B03tNx S3inj6O1ggMj3NKxJDsFXmtprwJe7CsctYSUHzNMCN83cw8lb99lPzARnw+UaEwCS5Xc iWXtzYOoZsRGbHsqcK8Wy/IuSirpBCZOXw2Y4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; b=HDwdV/zbZrqk9LVpjHlT4Z9AmNUMbaaZbirXMwQ2GNsTc7sgQvZAMaJcWX0TwxAzSJ nWz1OPXb256ZpjnBDIu9ifa9oeqsaLPvX8pqv4BKMKVCseP6F7wh9b97StMdaBb8b41H 8stu+DShIGDIrFfUXtFNi4658ZvRZhedPlGUI= Received: by 10.229.91.194 with SMTP id o2mr531414qcm.250.1291979877556; Fri, 10 Dec 2010 03:17:57 -0800 (PST) MIME-Version: 1.0 Received: by 10.229.20.20 with HTTP; Fri, 10 Dec 2010 03:17:37 -0800 (PST) In-Reply-To: References: From: Yusuf Aaji Date: Fri, 10 Dec 2010 14:17:37 +0300 Message-ID: Subject: Re: Using Jboss LdapLoginConfig and DefaultAccessManager To: users@jackrabbit.apache.org Content-Type: multipart/alternative; boundary=0016364ee640a8a18404970c8144 --0016364ee640a8a18404970c8144 Content-Type: text/plain; charset=UTF-8 Anybody has done such configuration. Help guys!!! there has to be a solution. On Wed, Dec 8, 2010 at 2:57 PM, Yusuf Aaji wrote: > Hi, > > I have configure jackrabbit 2.1.2 as a jboss jca and used ldapLoginConfig > for security. I was using the SimpleAccessManager and SimpleSecurityManager > for security and all was fine. > > Now I need to put some security restrections on the nodes I tries the > SimpleJBossAccessManager but it is not enough as I need specific ACL for > each node. > > So, I guess I need to use the DefaultAccessManager. When I configure the > repository to use the DefaultAccessManager and the DefaultSecurityManager > without the DefaultLoginConfig as the loginConfig I'm using is defined in > jboss login-config.xml I get this in the log: > > ... > 14:46:31,936 INFO [org.apache.jackrabbit.core.RepositoryImpl] created > system workspace: security > 14:46:31,936 INFO [org.apache.jackrabbit.core.RepositoryImpl] Repository > started > 14:46:31,936 INFO [org.apache.jackrabbit.core.TransientRepository] > Transient repository initialized > 14:46:31,936 INFO [org.apache.jackrabbit.core.RepositoryImpl] initializing > workspace 'security'... > 14:46:33,026 INFO > [org.apache.jackrabbit.core.persistence.bundle.ConnectionRecoveryManager] > Database: Oracle / Oracle Database 10g Express Edition Release 10.2.0.1.0 - > Production > 14:46:33,027 INFO > [org.apache.jackrabbit.core.persistence.bundle.ConnectionRecoveryManager] > Driver: Oracle JDBC driver / 10.2.0.1.0XE > 14:46:34,530 INFO [org.apache.jackrabbit.core.query.lucene.MultiIndex] > Created initial index for 1 nodes > 14:46:34,533 INFO [org.apache.jackrabbit.core.query.lucene.SearchIndex] > Index initialized: /home/yusuf/repo/workspaces/security/index Version: 3 > 14:46:34,533 INFO [org.apache.jackrabbit.core.RepositoryImpl] workspace > 'security' initialized > 14:46:34,551 INFO [org.apache.jackrabbit.core.DefaultSecurityManager] > init: *use JAAS login-configuration for gso* > 14:46:34,618 INFO > [org.apache.jackrabbit.core.security.user.UserManagerImpl] *Admin user > does not exist.* > 14:46:35,319 INFO > [org.apache.jackrabbit.core.security.user.UserManagerImpl] ... *created > admin user with id 'admin' and default pw.* > 14:46:35,408 INFO [org.apache.jackrabbit.core.DefaultSecurityManager] ... > *created anonymous user with id 'anonymous' ...* > 14:46:35,430 INFO [org.apache.jackrabbit.core.RepositoryImpl] > SecurityManager = class org.apache.jackrabbit.core.DefaultSecurityManager > 14:46:36,387 INFO > [org.apache.jackrabbit.core.security.authorization.acl.ACLProvider] *Administrators > principal group is missing -> omitting initialization of default > permissions.* > 14:46:36,475 INFO [org.apache.jackrabbit.core.RepositoryImpl] Shutting > down repository... > 14:46:36,487 INFO [org.apache.jackrabbit.core.RepositoryImpl] shutting > down workspace 'wcm'... > 14:46:36,488 INFO > [org.apache.jackrabbit.core.observation.ObservationDispatcher] Notification > of EventListeners stopped. > 14:46:36,509 INFO [org.apache.jackrabbit.core.query.lucene.SearchIndex] > Index closed: /home/yusuf/repo/workspaces/wcm/index > 14:46:36,539 INFO [org.apache.jackrabbit.core.RepositoryImpl] workspace > 'wcm' has been shutdown > 14:46:36,539 INFO [org.apache.jackrabbit.core.RepositoryImpl] shutting > down workspace 'security'... > 14:46:36,540 INFO > [org.apache.jackrabbit.core.observation.ObservationDispatcher] Notification > of EventListeners stopped. > 14:46:36,631 INFO [org.apache.jackrabbit.core.query.lucene.SearchIndex] > Index closed: /home/yusuf/repo/workspaces/security/index > 14:46:36,657 INFO [org.apache.jackrabbit.core.RepositoryImpl] workspace > 'security' has been shutdown > 14:46:36,659 INFO [org.apache.jackrabbit.core.RepositoryImpl] Repository > has been shutdown > 14:46:36,660 INFO [org.apache.jackrabbit.core.TransientRepository] > Transient repository shut down > 14:46:36,660 INFO > [org.apache.jackrabbit.jca.JCAManagedConnectionFactory.jcr/local] Failed to > create session > 14:46:36,660 INFO > [org.apache.jackrabbit.jca.JCAManagedConnectionFactory.jcr/local] > javax.jcr.LoginException: Workspace access denied > 14:46:36,661 INFO > [org.apache.jackrabbit.jca.JCAManagedConnectionFactory.jcr/local] at > org.apache.jackrabbit.core.RepositoryImpl.login(RepositoryImpl.java:1517) > 14:46:36,661 INFO > [org.apache.jackrabbit.jca.JCAManagedConnectionFactory.jcr/local] at > org.apache.jackrabbit.core.TransientRepository.login(TransientRepository.java:380) > 14:46:36,661 INFO > [org.apache.jackrabbit.jca.JCAManagedConnectionFactory.jcr/local] at > org.apache.jackrabbit.jca.JCAManagedConnectionFactory.openSession(JCAManagedConnectionFactory.java:153) > 14:46:36,661 INFO > [org.apache.jackrabbit.jca.JCAManagedConnectionFactory.jcr/local] at > org.apache.jackrabbit.jca.JCAManagedConnectionFactory.createManagedConnection(JCAManagedConnectionFactory.java:189) > 14:46:36,661 INFO > [org.apache.jackrabbit.jca.JCAManagedConnectionFactory.jcr/local] at > org.apache.jackrabbit.jca.JCAManagedConnectionFactory.createManagedConnection(JCAManagedConnectionFactory.java:181) > 14:46:36,661 INFO > [org.apache.jackrabbit.jca.JCAManagedConnectionFactory.jcr/local] at > org.jboss.resource.connectionmanager.InternalManagedConnectionPool.createConnectionEventListener(InternalManagedConnectionPool.java:584) > > > > So, can I use the DefaultAccessManager and the DefaultSecurityManager > without the DefaultLoginConfig?? > --0016364ee640a8a18404970c8144--