I think could be a good idea. +1
Juanjo On Thu, Jan 8, 2009 at 5:23 PM, Felix Meschberger <[email protected]>wrote: > Hmm, I wonder, whether we should not change the default configuration of > the jackrabbit-server bundle to use the below setup instead of our > current Simple non-secured setup. > > WDYT ? > > Regards > Felix > > Rory Douglas schrieb: > > Yes, I think you'll need (at a minimum) to setup the SecurityManager. > > If you setup the DefaultAccessManager, you can use AccessControlManager > > to set ACLs on nodes for authorization. I haven't tried mixing these > > with an external JAAS LoginModule, but I think it would work. > > Otherwise, configure that too. > > > > <Security appName="Jackrabbit"> > > <SecurityManager > > class="org.apache.jackrabbit.core.DefaultSecurityManager" > > workspaceName="security"></SecurityManager> > > > > <AccessManager > > > class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager> > > > > > > <LoginModule > > > class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule"> > > > > <param name="anonymousId" value="anonymous"/> > > <param name="adminId" value="admin"/> > > </LoginModule> > > </Security> > > > > Regards, > > Rory > > > > yanshaozhiGmail wrote: > >> HI: > >> > >> thanks very much for telling me so much , I have another question , > >> if I want to user the user manager in sling, Do I have to change the > >> sling code (sling repository: repository.xml replace the > >> SimpleAccessManager > >> to DefultAccessManager and other interface.) > >> > >> > >> 2009-01-08 > >> > >> > >> yanshaozhiGmail > >> > >> > >> 发件人: Rory Douglas 发送时间: 2009-01-08 23:41:11 收件人: > >> sling-dev 抄送: 主题: Re: Since sling is support ing for jackrabbit > >> 1.5 why doesn't providehttp api for user manager? > >> You need to do two things to get access to > >> UserManager/PrincipalManager. First, you should remove the > >> org.apache.sling.jcr.jackrabbit.api bundle. Then download the > >> Jackrabbit 1.5 API bundle & install that instead (it's OSGI-ified). > >> That will export the releveant JSR283 packages. > >> Then you should be able to do the following (in a JSP or anywhere you > >> have a Session): > >> UserManager userManager = null; > >> if(session instanceof PooledJackrabbitSession) { > >> userManager = ((PooledJackrabbitSession)session).getUserManager(); > >> } else { > >> // use reflection since Jackrabbit.core package not exported > >> Method m = session.getClass().getMethod("getUserManager"); > >> userManager = (UserManager)m.invoke(session); > >> } > >> This same pattern works for PrincipalManager which is exposed on the > >> JackrabbitSession. If you want the AccessControlManager (to set > >> ACLs), you'll need to use the reflection approach only for now. You > >> don't need to actually access the "security" workspace in order to > >> create & manager users (although there's no good way to list all users > >> right now, so accessing the workspace probably would give you that > >> ability). > >> I've created a utility class that wraps up all this messy code - I'll > >> open an issue & submit the patch now. > >> Regards, > >> Rory > >> yanshaozhiGmail wrote: > >> > >>> HI: > >>> > >>> As I know , now sling is support for jackrabbit 1.5 , it will > >>> more powerfull if sling can provide api for user manager . > >>> > >>> And is there any way to implement user manage with sling > >>> if I implement it myself ? how can I get ""security" workspace? > >>> > >>> It's seems that there isn't "security" workspace in sling's > >>> jackrabbit repository. > >>> > >>> > >>> 2009-01-08 > >>> > >>> > >>> yanjie > >>> > > > >
