jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "amar.deka@gmail.com" <amar.d...@gmail.com>
Subject Trouble enforcing read-write ACL to Jackrabbit users on versionable nodes
Date Tue, 22 Nov 2011 19:00:06 GMT
(This question was cross-posted to 
StatckOverflow.com  However I have not received any answer)
We are using Jackrabbit 2.2.7 to develop a repository for xml documents.

We want to create a bunch of users for the repository and enforce some sort
of read-only and read-write access privileges on them. We have used the
resource based ACL as described 
http://wiki.apache.org/jackrabbit/AccessControl#Resource-based_ACLs here .
Read-only permission works as charm. However, we are having hard time
getting read-write to work when a user attempts to create/delete a node that
is versionable (mix:versionable), even though we grant him the highest
possible privilege, Privilege.JCR_ALL. So far we have realized that the
modification to a versioned node actually is not simple. In Jackrabbit, it
span across multiple nodes - /jcr:system/jcr:versionStorage is one of them.
It seems that unless the user is the admin user himself, he cannot make
modification to /jcr:system/ and its child nodes.

So my questions are

a) is there a way I enable normal users to modify versionable nodes?
b) is there a way to create multiple admin users in jackrabbit (pointers,
wiki, code snippet)?
Here is the security section from the repository.xml:

<Security appName="Jackrabbit">



Here is how we are creating users and enabling access control:

        JackrabbitSession js = (JackrabbitSession) session;
        UserManager um = js.getUserManager();
        Authorizable grp = um.getAuthorizable("usergroup");
        Group userGroup = null;
        if(grp == null){
            userGroup = um.createGroup("usergroup");
            userGroup = (Group) grp;

        User user = um.createUser(newUserName, newUserPass);

        Node node = session.getNode("/root");           

        AccessControlManager acm = session.getAccessControlManager();
        AccessControlList acl = getList(acm, node.getPath());

        Privilege[] privileges = null ;

            privileges = new Privilege[]

        }else if(privilege.equals("rw")){
            privileges = new Privilege[]


        acl.addAccessControlEntry(new PrincipalImpl(user.getID()),
        acm.setPolicy(node.getPath(), acl);


View this message in context: http://jackrabbit.510166.n4.nabble.com/Trouble-enforcing-read-write-ACL-to-Jackrabbit-users-on-versionable-nodes-tp4096902p4096902.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.

View raw message