Hi Angela, thank you for your reply. I think it is awesome all the things you guys made with Oak.
Unfortunately we are not using OSGi. Anyway, I will make it work as you say and see what happens. Thanks again. Jorge El lun., 3 jun. 2019 a las 1:24, Angela Schreiber (<[email protected]>) escribió: > hi jorge > > that should be easy to do by configuring your system to trigger the > 'AccessControlAction' upon user/group creation. this action is part of the > default action provider implementation and you can configure the desired > privileges granted for users and group, respectively. > > in the OSGi console the provider is labeled "Apache Jackrabbit Oak > AuthorizableActionProvider" and the corresponding configuration option > "Configure AccessControlAction: User Privileges". > > the documentation for the actions is located at > http://jackrabbit.apache.org/oak/docs/security/user/authorizableaction.html > > there should be tests available in oak-core that illustrate the behavior > if you wanted to see it in action. > > hope that helps > angela > > ________________________________________ > From: jorgeeflorez . <[email protected]> > Sent: Friday, May 31, 2019 2:34 PM > To: [email protected] > Subject: ldap user permission > > Hello, > > I am currently implementing user login using a ldap server. So far so good. > I am able enter to the repositories and when the user that is logging in > doesn't exist in the repository, it is automatically created. > > I am seeing that the created users have no privileges (which makes sense). > Unfortunately, I am using a property from the authorizable to get the > modules the user can see in the application. And when a new user logs in, > he is not able to get its own authorizable and I cannot read the property. > Is there an "easy" way to assign, to the user that is created > automatically, jcr:read to it's own authorizable's path? > > If there is not I think I will go with the alternative. Just check if he > has the permission, if not, grant it before getting its own authorizable... > > Thanks. > > Jorge Eduardo Flórez >
