+1
/Pontus
Felix Meschberger wrote:
Hmm, I wonder, whether we should not change the default configuration of
the jackrabbit-server bundle to use the below setup instead of our
current Simple non-secured setup.
WDYT ?
Regards
Felix
Rory Douglas schrieb:
Yes, I think you'll need (at a minimum) to setup the SecurityManager.
If you setup the DefaultAccessManager, you can use AccessControlManager
to set ACLs on nodes for authorization. I haven't tried mixing these
with an external JAAS LoginModule, but I think it would work.
Otherwise, configure that too.
<Security appName="Jackrabbit">
<SecurityManager
class="org.apache.jackrabbit.core.DefaultSecurityManager"
workspaceName="security"></SecurityManager>
<AccessManager
class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager>
<LoginModule
class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
<param name="anonymousId" value="anonymous"/>
<param name="adminId" value="admin"/>
</LoginModule>
</Security>
Regards,
Rory
yanshaozhiGmail wrote:
HI:
thanks very much for telling me so much , I have another question ,
if I want to user the user manager in sling, Do I have to change the
sling code (sling repository: repository.xml replace the
SimpleAccessManager
to DefultAccessManager and other interface.)
2009-01-08
yanshaozhiGmail
发件人: Rory Douglas 发送时间: 2009-01-08 23:41:11 收件人:
sling-dev 抄送: 主题: Re: Since sling is support ing for jackrabbit
1.5 why doesn't providehttp api for user manager?
You need to do two things to get access to
UserManager/PrincipalManager. First, you should remove the
org.apache.sling.jcr.jackrabbit.api bundle. Then download the
Jackrabbit 1.5 API bundle & install that instead (it's OSGI-ified).
That will export the releveant JSR283 packages.
Then you should be able to do the following (in a JSP or anywhere you
have a Session):
UserManager userManager = null;
if(session instanceof PooledJackrabbitSession) {
userManager = ((PooledJackrabbitSession)session).getUserManager();
} else {
// use reflection since Jackrabbit.core package not exported
Method m = session.getClass().getMethod("getUserManager");
userManager = (UserManager)m.invoke(session);
}
This same pattern works for PrincipalManager which is exposed on the
JackrabbitSession. If you want the AccessControlManager (to set
ACLs), you'll need to use the reflection approach only for now. You
don't need to actually access the "security" workspace in order to
create & manager users (although there's no good way to list all users
right now, so accessing the workspace probably would give you that
ability).
I've created a utility class that wraps up all this messy code - I'll
open an issue & submit the patch now.
Regards,
Rory
yanshaozhiGmail wrote:
HI:
As I know , now sling is support for jackrabbit 1.5 , it will
more powerfull if sling can provide api for user manager .
And is there any way to implement user manage with sling
if I implement it myself ? how can I get ""security" workspace?
It's seems that there isn't "security" workspace in sling's
jackrabbit repository.
2009-01-08
yanjie
