jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Clay Ferguson <wcl...@gmail.com>
Subject Re: Access control
Date Mon, 24 Aug 2015 20:40:56 GMT
I'm not *that* much of an expert, but it kind of works by bubbling up
towards the root I believe. So if you query for ACL on a node and it finds
none, that is fine. It just means that node is effectively controlled by an
ancestor. Once you start adding AC L privs the that root starts applying
those there and all beneath it on the tree recursively. By default 'admin'
user has full privileges and everyone else has none. The session that
creates a node i think by default has all privs on that node, but i'd have
to check my code...I might be adding privs when creating. Look at my
"controller" class, and that is the top level, and a lot of stuff like
creating new nodes, moving nodes, adding ACLs etc can be sussed out by just
looking at my code and not even running it. It's not too complicated. Does
that answer the question?

Best regards,
Clay Ferguson
wclayf@gmail.com


On Mon, Aug 24, 2015 at 2:53 PM, Atif Manzoor <atif.manzoor@gmail.com>
wrote:

> Hi Clay
>
> Thanks a lot for your response. I have been through your code and have
> found that you have also been using getApplicablePolicies(path) and
> getPolicies(path) function to get AccessControlList (ACL) object, however
> both of these function have not been returning any ACL policies for me. In
> words my node does not contain any modifiable ACL. Can you tell me why is
> that. What will I have to do, so that the node should also have modifiable
> ACL.
>
> Kind regards,
> Atif
>
> On Mon, Aug 24, 2015 at 7:01 PM, Clay Ferguson <wclayf@gmail.com> wrote:
>
> > Hello Atif,
> >
> > You should check out my open source project:
> > https://github.com/Clay-Ferguson/meta64
> >
> > Download the zip and search for the words 'privilege' and/or
> AccessControl,
> > etc.
> >
> > The AclService.java class has ability to do basic listing of privileges
> for
> > a node, and adding or removing privileges from a node, and might help you
> > some. Good luck.
> >
> > Best regards,
> > Clay Ferguson
> > wclayf@gmail.com
> >
> >
> > On Mon, Aug 24, 2015 at 12:07 PM, Atif Manzoor <atif.manzoor@gmail.com>
> > wrote:
> >
> > > I am new to Jackrabbit and after going through the first hops and
> little
> > > bit of documentation, I was trying to configure Access Control for the
> > > repository nodes. I was extending ThirdHop tutorial for that purpose
> and
> > > was following access control wiki
> > > http://wiki.apache.org/jackrabbit/AccessControl and had the following
> > > code.
> > >
> > > Session session = repository.login(new SimpleCredentials("username",
> > > "password"
> > > .toCharArray()));
> > > Node node = session.getRootNode();
> > > String path = node.getPath();
> > > AccessControlManager acm = session.getAccessControlManager();
> > >
> > > Privilege[] privileges = new Privilege[] { acm
> > > .privilegeFromName(Privilege.JCR_ALL) };
> > > AccessControlList acl;
> > > try {
> > > acl = (AccessControlList) acm.getApplicablePolicies(path)
> > > .nextAccessControlPolicy();
> > > } catch (NoSuchElementException e) {
> > > acl = (AccessControlList) acm.getPolicies(path)[0];
> > > }
> > > for (AccessControlEntry e : acl.getAccessControlEntries()) {
> > > acl.removeAccessControlEntry(e);
> > > }
> > > acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privileges);
> > > acm.setPolicy(path, acl);
> > > session.save();
> > >
> > > My problem is that I could not get AccessControlList with this code.
> Both
> > > functions (getApplicablePolicies and getAllPolicies) don't have any
> > > AccessControlList attached with them. Can you tell me where I went
> > wrong. I
> > > have been using the default security configuration.
> > >
> > > Thanks
> > > Atif
> > >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message