jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francisco Carriedo Scher <fcarrie...@gmail.com>
Subject Re: Setting up Access Control
Date Tue, 13 Sep 2011 21:41:41 GMT
That is exactly what i need, just to set up ACLs on nodes to allow some
users to read them, other users write them (add and delete childs), disallow
access to others and so on, nothing complicated, but i think i got myself
lost inside the source code instead of abstracting and using the API.

The code that has just been updated in the Wiki to ilustrate how resource
based ACLs are managed is much like the code i tried, but the problem for me
comes when invocating aMgr.setPolicy(path,acl); . There was where i started
to dive inside source code and, if i use SimpleAccessManager (specified in
repository.xml file), the setPolicy source code reveals that the policy/ACL
is not finally bound to the path (i.e.: no code that states that "this
policy" is applied to "this path"). I do not have right now the source code
of this method (sorry :S) but it contains just to invocations to check
methods and it throws always an exception. On the other hand, if i use the
DefaultAccessManager instead, i am not able even to log in the repository
and every action i try to perform throws an exception (AccessDenied,
PathNotFound,...).

So, should i attend any configuration prior to start working on access
control?

I must say that both this last email and the update of the Wiki help me to
clarify my ideas and what is the right path to successfully setup ACLs,
thank you all very much, it really helped!


2011/9/13 maikhorma <MHerman@nbme.org>

>
> Francisco Carriedo Scher wrote:
> >
> > Ok,
> >
> > thanks in advance for answering. I found DefaultAccessManager class,
> which
> > extends AbstractAccessControlManager (and has setPolicy method
> > implemented).
> > After it i set such class in repository.xml file to use it as my access
> > manager and, leaving commented the access.xml file (with no file), i can
> > not
> > perform operations on the repository (logged in as admin), as i obtain
> the
> > following exceptions:
> >
> > javax.jcr.PathNotFoundException: /myfolder   (trying to access a node to
> > create a child node)
> > javax.jcr.AccessDeniedException: cannot read item
> > cafebabe-cafe-babe-cafe-babecafebabe  (trying to create a user)
> > ...
> >
> > So i think that access.xml line must be uncommented (DefaultAccessManager
> > can not be instantiated since such file does not exist) and populated
> with
> > access control data, isn't it? I did not find access.xml info so far, any
> > useful pointer?
> >
> > Thanks for your attention!
> >
>
> Can you back up a second and describe what you are actually trying to do?
> It kind of sounds like you're just trying to apply normal permissions to a
> node, but if that's so, it seems you are making it very complicated.  As
> Justin said you shouldn't need to implement classes or configure the
> repository xml to set permissions.  You should use the JCR Api [1] and
> jackrabbit provides all the implementations for you.  You log in, and then
> call session.getAccessControlManager().  If you are trying to do something
> more complicated, you'll have to be more specific.
>
> [1] http://www.day.com/specs/jcr/2.0/16_Access_Control_Management.html
>
> --
> View this message in context:
> http://jackrabbit.510166.n4.nabble.com/Setting-up-Access-Control-tp3809801p3810401.html
> Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message