Hello, first of all, sorry for my blunder.. I'm trying to create an specific user different that 'admin' and 'anonymous', for example 'tests'. I know that from Jackrabbit 1.4.x, it comes with a new feature, user and group management. And in this link ( http://sling.apache.org/site/managing-users-and-groups-jackrabbitusermanager.html) I can find info about the easy Rest API developed for Sling team.
Let me explain an example about I want to do: 1. Create the user 'tests': curl -F:name=tests -Fpwd=tests -FpwdConfirm=tests http://localhost:8080/system/userManager/user.create.html 2. Admin user creates the 'tests' folder in content: curl -Ftitle=tests http://admin:ad...@localhost:8080/content/* 3. I wish 'tests' user had permissions to CRUD operations in all nodes under its folder: curl -Ftitle=collection1 http://tests:te...@localhost:8080/content/tests/* curl -Ftitle=doc1 http://tests:te...@localhost :8080/content/tests/collection1/* curl -Fdescription=CommonsCollection http://tests:te...@localhost :8080/content/tests/collection1 curl -F:operation=delete http://tests:te...@localhost :8080/content/tests/collection1 The step1 creates an user in JCR through userManager. So, in step 3 SlingAuthenticator extracts credentials and login into JCR. As 'tests' user exists in JCR, a session is opened with this user. As you know, the problem comes now, because 'tests' user doesn't have write permissions in JCR. By default, only admin user have all permissions in JCR. How can I assign permissions to an user? Is there any API like userManager for this matter? Could anybody give me an example? As alternative, I have read that AccesManager manages Authorization and LoginModule Authentication, and that by implementing my own accesmanager I could even use other authorizable mechanism like LDAP. Am I in the right way? I have tried to implement my own AccessManager in Jackrabbit-core 1.5, but I must be doing anything wrong. Or should I wait for Jackrabbit 2.0 or for more documentation? I apreciate your effort and contribution. Sincerely, FJ Gonzalez.
