[
https://issues.apache.org/jira/browse/OAK-792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13718362#comment-13718362
]
angela edited comment on OAK-792 at 8/6/13 3:17 PM:
----------------------------------------------------
h4. 1. Characteristics of the Default Implementation
h5. General
h5. JCR API
h6. AccessControlManager#hasPrivilege and #getPrivileges
h6. AccessControlManager#getEffectivePolicies
h5. Jackrabbit API
h6. Principal-based Access Control
The principal-based access control management as present in Jackrabbit-core is
no longer present with OAK. The main benefit of the principal-based approach
has been incorporated with the changes in the default permission evaluation
(see OAK-942). In addition the default access control manager implementation
supports all methods defined by {{JackrabbitAccessControlManager}}; i.e.
editing access control information by principal is possible as long as the
editing session has sufficient permission on the target node(s). Similarly, the
per principal policies exposed to a given session will always respect that
access rights of that session.
h4. 2. API Extensions and Public Classes
org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol
- {{AbstractAccessControlList}}
- {{ImmutableACL}}
- {{ACE}}
org.apache.jackrabbit.oak.spi.security.authorization.restriction
- {{RestrictionProvider}}:
- {{RestrictionDefinition}}
- {{RestrictionPattern}}
- {{Restriction}}
h4. 3. Configuration
The following access control related configuration options are present with the
{{AuthorizationConfiguration}} as of OAK 1.0
- {{getAccessControlManager}}
- {{getRestrictionProvider}}
h4. 4 References
was (Author: anchela):
h4. 1. Characteristics of the Default Implementation
h5. General
h5. JCR API
h6. AccessControlManager#hasPrivilege and #getPrivileges
h6. AccessControlManager#getEffectivePolicies
h5. Jackrabbit API
h6. Principal-based Access Control
The principal-based access control management as present in Jackrabbit-core is
no longer present with OAK. The main benefit of the principal-based approach
has been incorporated with the changes in the default permission evaluation
(see OAK-942). In addition the default access control manager implementation
supports all methods defined by {{JackrabbitAccessControlManager}}; i.e.
editing access control information by principal is possible as long as the
editing session has sufficient permission on the target node(s).
h4. 2. API Extensions and Public Classes
org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol
- {{AbstractAccessControlList}}
- {{ImmutableACL}}
- {{ACE}}
org.apache.jackrabbit.oak.spi.security.authorization.restriction
- {{RestrictionProvider}}:
- {{RestrictionDefinition}}
- {{RestrictionPattern}}
- {{Restriction}}
h4. 3. Configuration
The following access control related configuration options are present with the
{{AuthorizationConfiguration}} as of OAK 1.0
- {{getAccessControlManager}}
- {{getRestrictionProvider}}
h4. 4 References
> AccessControl Management: Document changes wrt. Jackrabbit
> ----------------------------------------------------------
>
> Key: OAK-792
> URL: https://issues.apache.org/jira/browse/OAK-792
> Project: Jackrabbit Oak
> Issue Type: Sub-task
> Components: jcr
> Reporter: angela
> Assignee: angela
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
