jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francisco Carriedo Scher <fcarrie...@gmail.com>
Subject Re: Setting up Access Control
Date Tue, 13 Sep 2011 15:24:36 GMT
Ok,

thanks in advance for answering. I found DefaultAccessManager class, which
extends AbstractAccessControlManager (and has setPolicy method implemented).
After it i set such class in repository.xml file to use it as my access
manager and, leaving commented the access.xml file (with no file), i can not
perform operations on the repository (logged in as admin), as i obtain the
following exceptions:

javax.jcr.PathNotFoundException: /myfolder   (trying to access a node to
create a child node)
javax.jcr.AccessDeniedException: cannot read item
cafebabe-cafe-babe-cafe-babecafebabe  (trying to create a user)
...

So i think that access.xml line must be uncommented (DefaultAccessManager
can not be instantiated since such file does not exist) and populated with
access control data, isn't it? I did not find access.xml info so far, any
useful pointer?

Thanks for your attention!



2011/9/13 Justin Edelson <justin@justinedelson.com>

> You should not need to write your own implementations of any Jackrabbit or
> JCR interfaces to set an ACL on a node.
>
> Regards,
> Justin
>
> On Sep 13, 2011, at 7:38 AM, Francisco Carriedo Scher <
> fcarriedos@gmail.com> wrote:
>
> > Hi there,
> >
> > i have been diving in mailing list and source code of Jackrabbit and
> finally
> > my impression is that just interfaces are defined respecting access
> control
> > (lots of abstract classes to be extended with my own code, right?). I say
> > that based on quotes from the mailing list as:
> >
> >
> http://mail-archives.apache.org/mod_mbox/jackrabbit-users/201106.mbox/%3CBANLkTi=UKkoLaFOQ1ddOo+DVTHvFT3LOdQ@mail.gmail.com%3E
> >
> http://mail-archives.apache.org/mod_mbox/jackrabbit-users/201106.mbox/%3C4DEF2AC2.9070205@adobe.com%3E
> >
> > About the source code, when i extend the abstract classes related to
> > access control (AbstractAccessControlManager, AbstractACLTemplate,
> > ...) what really intrigates me is that i thought  that the ACLs remain
> > stored within the repository binded somehow to the node they were
> > created for (with setPolicy method). The point is, if i extend the
> > classes mentioned (and thus write setPolicy source code), it is up to
> > me where to store the ACL objects as long as i provide a method to get
> > them when needed to perform access control operations? Isn't it? Would
> > be valid ideas storing them inside Jackrabbit's as nodes, or within a
> > database or...?
> >
> > Thanks in advance for any hint about my wrongness or correctness!
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message