jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: using principal-based ACLs
Date Fri, 27 Apr 2012 09:52:05 GMT

> I try to use the principal-based ACLs mechanism in JackRabbit documented in http://wiki.apache.org/jackrabbit/AccessControl.
> Do somebody know how I could create a JackrabbitAccessControlList when JackrabbitAccessControlManager.getPolicies(principal)
> returns an empty array for the given principal?

did you change the workspace configuration to use the principal-based
access control mechanism? this is not enabled by default.

second: access control editing in JCR is defined to work as follows:

- getPolicies returns the policies that have been set before... they
   may or may not be modifiable. if they are modifiable, modifications
   can be applied by calling setPolicy on the manager. they become
   effective upon session.save.

- getApplicablePolicies returns 'new' policies that can be set to the
   manager using setPolicy. after save they are effective.

- setPolicies: used to apply a policy... if the policy was modifiable
   changes must happen before calling setPolicy... or use
   getPolicy-modify-setPolicy to change an existing policy.
   the changes are only effective upon calling session.save()

- removePolicy: removes the policy.
   the changes are only effective upon calling session.save()

so maybe you didn't call be applicablepolicies before? could that be?

hope that helps
> Thx in advance!
> ferry malzer

View raw message