the SimpleAccessManager doesn't allow for ac-modification
as it is has a fixed set of ac rules.
similarly, the ac-related nodes/properties defined by the corresponding
nodetypes are designed so they cannot not manipulated manually
but only through the jsr 283 api.
if you want to be able to edit access control policies etc..
you may change the security config to use the DefaultSecurityManager.
then you are free to use any of the existing ac-manager implementions
or provide your custom one. similarly you can use one of the
existing ac-providers or define your custom provider.
the latter can be configured per workspace.
hope that helps
angela
[email protected] wrote:
Hello,
I'm using Jackrabbit in one of my projects and now I've came to
implement the security part.
After some readings I've found out that the documentation from jsr283 is
the best starting point in implementing security in a Jackrabbit based
project.
I need to set pairs of Principal-Privilege[] on a node, so I tried the
following:
SessionImpl s = rep.login(new SimpleCredentials("myUser",
"myPassword".toCharrArray()));
AccessControlManager acm = s.getAccessControlManager();
Principal p_myUser = new PrincipalImpl("myUser");
Privilege[] privs = new Privilege[] {acm.privilegeFromName("jcr:write")};
MyAccessControlList acl = new MyAccessControlList();
acl.addAccessControlEntry(p_myUser, privs);
acm.setPolicy(absPath, acl);
acm.setPolicy()
The problem is that setPolicy method, innvoked on
SimpleAccessControlManager throws always an exception -
AccessControlException.
So the method is not implemented in SimpleAccessControlManager, the one
from from AbstractAccessControlManager it's called.
After all mentioned above I've tried the folowing:
Node theNode = s.getNode(absPath);
Node policy = theNode.addNode("rep:policy", "rep:ACL");
Node accessControlEntry = policy.addNode("ace1", "rep:GrantACE");
accessControlEntry.setProperty("rep:principalName", "ionel");
accessControlEntry.setProperty("rep:privileges", new String[]
{"jcr:write"});
accessControlEntry.setProperty("rep:nodePath", theNode.getPath());
but I get the folowing exception:
javax.jcr.nodetype.ConstraintViolationException: node
/category_X/rep:policy: cannot add a child to a protected node.
The node that I want to set a Policy on is a rep:AccessControllable
mixin type.
So, how can I set an access control list on a node ?
Any further documentation regarding the Access Control in Jackrabbit
would be very useful.
I appreciate any help !
Thanks
Damian Daniel
