jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francisco Carriedo Scher <fcarrie...@gmail.com>
Subject Re: Setting up Access Control
Date Wed, 14 Sep 2011 09:06:14 GMT
Yes, i am using jackrabbit-standalone-2.2.8.jar and as Maikhorma suggested i
started from scratch with a brand new Java project and the only include is
the Jackrabbit library. Then i try the code included in my last email and it
throws an exception:

    public Node createFolder(String username, String path, String

        Node actualNode;
        try {
            // Absolute path REQUIRED
            actualNode = session.getNode(path);
            actualNode = actualNode.addNode(foldername, "nt:folder");
            // Node HAVE TO exist prior to ACL setting
                              // Username value is "admin" or any other
            *setAcl(new PrincipalImpl(username), actualNode.getPath());*

        } catch (PathNotFoundException e) {
            return null;
        } catch (RepositoryException e) {
            return null;

        return actualNode;

    private void *setAcl(Principal p, String path)* throws
UnsupportedRepositoryOperationException, RepositoryException {

        AccessControlManager aMgr = session.getAccessControlManager();

        // create a privilege set with jcr:all
        Privilege[] privileges = new Privilege[] {
aMgr.privilegeFromName(Privilege.JCR_ALL) };
        AccessControlList acl;
        try {
            // get first applicable policy (for nodes w/o a policy)
            acl = (AccessControlList)
        } catch (NoSuchElementException e) {
            // else node already has a policy, get that one
            *acl = (AccessControlList) aMgr.getPolicies(path)[0];*
        // remove all existing entries
        for (AccessControlEntry e : acl.getAccessControlEntries()) {
        // add a new one for the special "everyone" principal
        acl.addAccessControlEntry(p, privileges);

        // the policy must be re-set
        aMgr.setPolicy(path, acl);

        // and the session must be saved for the changes to be applied


Executing the code above i get  the following exception (caused by the code
above highlighted in red colour):
java.lang.ArrayIndexOutOfBoundsException: 0
    at com.solaiemes.filerepository.starting.Permisos.main(Permisos.java:70)

>From your last email i switched to use the DefaultAccessManager, specifying
it in the repository.xml:

    <Security appName="Jackrabbit">
            security manager:
            class: FQN of class implementing the JackrabbitSecurityManager
            workspace access:
            class: FQN of class implementing the WorkspaceAccessManager
            <!-- <WorkspaceAccessManager class="..."/> -->
            <!-- <param name="config" value="${rep.home}/security.xml"/> -->

            access manager:
            class: FQN of class implementing the AccessManager interface
        <!-- <AccessManager
class="org.apache.jackrabbit.core.security.simple.SimpleAccessManager"> -->
        <AccessManager class="*
            <!-- <param name="config" value="${rep.home}/access.xml"/> -->

              anonymous user name ('anonymous' is the default value)
           <param name="anonymousId" value="anonymous"/>
              administrator user id (default value if param is missing is
           <param name="adminId" value="admin"/>

But then, when trying to execute the same code stated above (which just
creates a folder and tries to assign an ACL to the path of the folder) it
throws the following exception (i input the / folder):

*javax.jcr.PathNotFoundException: /*

Thanks for helping!

2011/9/14 Alexander Klimetschek <aklimets@adobe.com>

> On 13.09.11 23:41, "Francisco Carriedo Scher" <fcarriedos@gmail.com>
> wrote:
> SimpleAccessManager
> This is the "old" access manager from 1.x times that supports only a very
> simple authorization between "admin", normal users and anonymous.
> For the JCR 2.0 ACLs you want to use the DefaultAccessManager.
> On the other hand, if i use the DefaultAccessManager instead, i am not able
> even to log in the repository and every action i try to perform throws an
> exception (AccessDenied, PathNotFound,...).
> Are you using a standard Jackrabbit 2.x installation? There is a bit more
> than the AccessManager in the repository.xml, but the default setup should
> be right (no need to do anything).
> The default admin user is admin/admin, and with this one you can create
> users, etc. and set acls.
> Regards,
> Alex
> --
> Alexander Klimetschek
> Developer // Adobe (Day) // Berlin - Basel

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message