Stefan Fromm wrote:
1. Is the security implementation class configurable via Domain.xml?
There
is a security store configuration in Domain.xml but I haven't seen the
entry
for the security helper class.
It is configurable. Under XPath /slide/namespace/configuration you can
set parameters for the security helper. It is called "acl_semantics" and
expects whether one of two standard values ("all-grant-before-any-deny"
or "legacy-all-grant-before-any-deny") or a class name of your own
security helper implementation. See the constructor of
NamespaceAccessToken where the class is loaded.
2. Which methods would have to be implemented if I am interested only
in the
authorization checks and not the assignments?
I guess the only method to override is evaluateAcl() like done in
ACLSecurityImpl.
evaluateAcl() is private so override
public boolean hasPermission(SlideToken token, ObjectNode objectNode, ActionNode
actionNode)
e.g. you can use (if you extend ACLSecurityImpl
if (token.getCredentialsToken().getPrincipal().getName().equals("root")) {
return true;
} else {
return super(token, objectNode, actionNode);
}
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
