jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Salinas González, Jesús <jsalin...@indra.es>
Subject Ldap permissions
Date Fri, 07 Jan 2011 08:39:07 GMT
Hello all.

I want to sincronize my jackrabbit application whit an ldap authentication directory.

I have configured the security module of  my repository.xml in this way:

<Security appName="Jackrabbit">
<SecurityManager class="org.apache.jackrabbit.core.DefaultSecurityManager" workspaceName="security">

                               <!--
                              workspace access:
                                class: FQN of class implementing the WorkspaceAccessManager
interface
                                -->
                               <!-- <WorkspaceAccessManager class="..."/> -->
                                <!-- <param name="config" value="${rep.home}/security.xml"/>
-->
                </SecurityManager>



                <AccessManager class="org.apache.jackrabbit.core.security.DefaultAccessManager">
                               <!-- <param name="config" value="${rep.home}/access.xml"/>
-->
                </AccessManager>


                <LoginModule class="com.sun.security.auth.module.LdapLoginModule">
                                  <param name="userProvider" value="ldap://maquinaldap:10389/"/>
                                  <param name="authIdentity" value="uid={USERNAME}, ou=users,
ou=system" />
                                  <param name="useSSL" value="false" />
                </LoginModule>

</Security>

I got to access ldap without problems, but now my problems are related to permission.

I have three workspaces, and the users of the ldap have not permission to access this workspaces.

How can I configure the permission for the ldap users?

Must I create a customAccessManager?

How can I indicate an admin or system user for the ldad users?


Thanks and regards.



________________________________
Este correo electrónico y, en su caso, cualquier fichero anexo al mismo, contiene información
de carácter confidencial exclusivamente dirigida a su destinatario o destinatarios. Si no
es vd. el destinatario indicado, queda notificado que la lectura, utilización, divulgación
y/o copia sin autorización está prohibida en virtud de la legislación vigente. En el caso
de haber recibido este correo electrónico por error, se ruega notificar inmediatamente esta
circunstancia mediante reenvío a la dirección electrónica del remitente.
Evite imprimir este mensaje si no es estrictamente necesario.

This email and any file attached to it (when applicable) contain(s) confidential information
that is exclusively addressed to its recipient(s). If you are not the indicated recipient,
you are informed that reading, using, disseminating and/or copying it without authorisation
is forbidden in accordance with the legislation in effect. If you have received this email
by mistake, please immediately notify the sender of the situation by resending it to their
email address.
Avoid printing this message if it is not absolutely necessary.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message