You may also need org.apache.jackrabbit.spi.* if you use some
HierarchyManager methods (e.g. getPath) in your AccessManager. I added
the snippet below to jackrabbit-server bundle's POM:
<Export-Package>
org.apache.jackrabbit.core.*,
org.apache.jackrabbit.spi.*
</Export-Package>
Sebastian Gomez wrote:
Hi Felix.
I tested what you told me, but I've seen it's not going to be possible only
exporting org.apache.jackrabbit.core.security due to the fact that the
AccessManager interface uses org.apache.jackrabbit.core.ItemId (so it will
also need org.apache.jackrabbit.core exported, that by what you said I see
is not an option). On the other hand I've had a look over the JSR-283 spec
and the Jackrabbit 1.5 source code and it looks that it will include exactly
what I need, so I think my best option is to hold on until you finish the
migration. The thing is that I'm in a bit of a hurry with this part of my
application, I've got my deadline quite near, so I hope you don't mind me
daring to ask you how much time you estimate it will take (just to know if I
can wait, or if I must implement this in some quick&dirty way and expect an
upgrade in the future).
Thanks a lot for your help, and I hope you can help me out with this last
doubt.
Br,
SebatiAn Gomez ;)
On Wed, Dec 17, 2008 at 2:44 PM, Felix Meschberger <[email protected]>wrote:
Hi Sebastien,
Sebastian Gomez schrieb:
Hi.
Thanks for the answers. Is there any date scheduled for the upgrade to
Jackrabbit 1.5? ACL was what I was thinking to use, so maybe the upgrade
resolves my problem (although I haven't been able to find much
documentation
on ACL in 1.5 (if someone knows where I can find it I'll appreciate the
indication). What worries me the most is that if ACL in 1.5 is not
suitable
enough for my app, what would be the way to go?
As Alex said, I am already working on migrating Sling's Jackrabbit
inclusion to 1.5.
Now for documentation: There is the jackrabbit.apache.org site and there
is a Jackrabbit Wiki. If you don't find any documentation there, it is
probably best to just ask on the Jackrabbit dev or user list.
Finally, since the Jackrabbit access control functionality is an
implementation of the JSR-283 (JCR 2.0) access control functionality,
you might find the appropriate description there. The public review
draft is available from http://www.jcp.org/en/jsr/detail?id=283
Hope this helps.
Regards
Felix
On Wed, Dec 17, 2008 at 1:34 AM, Torgeir Veimo <[email protected]>
wrote:
On 17 Dec 2008, at 03:59, Rory Douglas wrote:
As for the AccessManager, I think there are plans to upgrade Sling to
Jackrabbit 1.5, so it may be more worthwhile to wait for that & use the
repository-ACL-based AccessManager that comes with 1.5 rather than
implementing your own. Or ping me & I can send you what I cobbled
together
for ACL-based control.
ACLs are not suitable for most web applications. They're declarative,
while
most interactive web applications require implicit or application
specific
security constraints. Sling really needs to allow custom AccessManager
implementations.
--
Torgeir Veimo
[email protected]
--
Rory Douglas | Senior Principal Consultant
Fax: +1-201-604-6428 | Mobile: +1-917-498-5344
Oracle North America Consulting
ORACLE United States | | San Diego, CA
"Please consider your environmental responsibility before printing this
e-mail"
