jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Javier Arias <jar...@ujaen.es>
Subject Re: New information about my last email...
Date Wed, 19 Jan 2011 16:39:56 GMT
About the last send, the disabled function works now, I forgot call
save() and logout() methods (I believed these function were called
automatically). Sorry.

About grant privileges an user, I am some lost. I understood first step
and second step but I do not know how follow. How can I get
AccessControlList? How grant privileges with User.getPrincipal?

I give the code that I have at the moment:

Repository repository = new TransientRepository(new File(_repository));

Session session = repository.login(new
SimpleCredentials("user","pass".toCharArray()));

UserManager userManager = ((JackrabbitSession)
session).getUserManager();

AccessControlManager controlManager = ((JackrabbitSession)
session).getAccessControlManager();
            
Authorizable authorizable = userManager.getAuthorizable("user");

Principal principal = (Principal) ((User) authorizable).getPrincipal();

---
Thank you. Regards



El mié, 19-01-2011 a las 11:16 +0100, Angela Schreiber escribió:
> hi javier
> 
> On 1/19/11 11:00 AM, Javier Arias wrote:
> > Hi Angela, my problem was solved. The problem was: supose I have
> > "jackrabbit-standalone" in the
> > folder: /home/user/server/jackrabbit-standalone.jar when you start
> > jackrabbit-standalone it creates a folder "jackrabbit". I was creating a
> > TransientRepository with url /home/user/server/ and not
> > with /home/user/server/jackrabbit taht is the correct. Now it works
> > perfectly.
> >
> > Besides , I have a new task. I want to allow only two users for my
> > webdav server. One user will be admin. I have changed his password and I
> > will use it only for management tasks. I have created another user to
> > access to the repository to add and remove files, but with him, I can
> > not upload resources to server. How I give him privileges to do it?
> 
> use the jcr access control management to grant this editing user
> the permissions to manipulate a node (and it's child nodes)... this most 
> probably includes the following privileges:
> 
> jcr:modifyProperties
> jcr:addChildNodes
> jcr:removeNodes
> jcr:removeChildNode
> and eventually jcr:nodetypeManagement
> 
> the first 4 privileges are aggregated in jcr:write, while rep:write
> also includes the latter privilege.
> 
> something like:
> 
> 1. access the ac manager by means of session.getAccessControlManager()
> 2. retrieve the applicable policies at your target node or -
>     alternatively - the policies already set to have them modified.
> 3. in jr the policies are normally accesscontrollist(s) -> modify
>     the acl by granting the privileges for your users principal
>     (User.getPrincipal)
> 4. reapply the modified policy (AcMgr.setPolicy)
> 5. save the changes in order to have them take effect
> 
> JSR283 and the API javadoc may give you some additional information
> about how it works. jackrabbit in addition defines some extensions
> to the JCR api.
> 
> > Another problem is with anonymous user. I have removed this user but
> > when I start the server, it is created again. I have tried too change
> > the anonymous password but it does not work, the password is always the
> > same. It is a problem because everyone can access with
> > "anonymous/anonymous".
> 
> the system users admin and anonymous are always recreated in the default
> setup. but you may "disable" the anonymous user. this will prevent any
> login as this user... see
> 
> org.apache.jackrabbit.api.security.user.User#disable(String)
> 
> hope that helps
> angela
> > Thank you. Best regards.
> >
> >
> > 




Mime
View raw message