Hi Bertil,
Thanks for providing these examples.
But your configuration setup confuses me: You really mean, that there
must be two identical configuration setups: Once in jaas.config and one
in repository.xml ?
Regards
Felix
Bertil Chapuis schrieb:
> I just have forget the configuration.
>
> A jaas.config file directly in the repository folder.
>
> Jackrabbit {
> org.apache.jackrabbit.core.security.authentication.DefaultLoginModule
> required anonymousId="anonymous" adminId="admin"
> };
>
> And the following for the security manager in the repository.xml file.
>
> <Security appName="Jackrabbit">
>
> <SecurityManager
> class="org.apache.jackrabbit.core.DefaultSecurityManager"
> workspaceName="security"></SecurityManager>
>
> <AccessManager
> class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager>
>
> <LoginModule
> class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
> <param name="anonymousId" value="anonymous"/>
> <!--
> administrator user id (default value if param is missing
> is 'admin')
> -->
> <param name="adminId" value="admin"/>
> <!--
> optional parameter 'principalProvider'.
> the value refers to the class name of the
> PrincipalProvider implementation.
> -->
> <!-- <param name="principalProvider" value="..."/> -->
> </LoginModule>
> </Security>
>
>
> Best regards,
>
> Regards,
>
> Bertil
>
>
> On Fri, Dec 19, 2008 at 8:37 AM, Bertil Chapuis <[email protected]
> <mailto:[email protected]>> wrote:
>
> Hi Dave,
>
> I just had made an example for that. There are probably better
> solutions but here is the code (works only with Jackrabbit):
>
> // admin session
> Repository repository = new TransientRepository();
> SessionImpl session = (SessionImpl) repository.login(new
> SimpleCredentials("admin", "admin".toCharArray()));
>
> // user management
> UserManager userManager = session.getUserManager();
>
> User anonymous = (User)
> userManager.getAuthorizable("anonymous");
>
> User user = (User) userManager.getAuthorizable("user");
> if (user == null) user = userManager.createUser("user", "user");
>
> // right management
> AccessControlManager accessControlManager =
> session.getAccessControlManager();
>
> // forbid the view of the restricted area to anonymous
> String restrictedArea = "/content/restrictedarea";
> AccessControlPolicyIterator restrictedPolicies =
> accessControlManager.getApplicablePolicies(restrictedArea);
> JackrabbitAccessControlList restrictedPolicy =
> (JackrabbitAccessControlList)
> restrictedPolicies.nextAccessControlPolicy();
> Privilege[] previewPrivileges =
> accessControlManager.getSupportedPrivileges(restrictedArea);
>
> // also possible to set a map of restrictions
> restrictedPolicy.addEntry(anonymous.getPrincipal(),
> previewPrivileges, false);
>
> accessControlManager.setPolicy(restrictedArea,
> restrictedPolicy);
>
> // apply the policy
> session.save();
>
> If the node "/content/restrictedarea" exists in the repository, it
> will only be seen by the authentified users.
>
> Best Regards,
>
> Bertil Chapuis
>
>
>
>
> On Thu, Dec 18, 2008 at 9:46 PM, daveg0
> <[email protected] <mailto:[email protected]>>
> wrote:
>
>
> Hi,
>
> I have just built and deployed JackRabbit 1.5 and now want to
> use some form
> of Access Control on specific nodes.
>
> Is there any documentation about this or examples? From trawling
> around the
> source code, I can see that DefaultAccessManager,
> DefaultLoginModule,
> UserManagerImpl and DefaultLoginModule could be useful, but how
> do I tie all
> these together.
>
> For example how do I populate the repository with Users
> initially, must I
> use SimpleLogonModule to create the users and then switch over
> to the
> DefaultLoginModule. How do I configure these components in
> repository.xml?
>
> regards,
>
> Dave Gough
>
>
> --
> View this message in context:
> http://www.nabble.com/Jackrabbit-1.5-Security-tp21080602p21080602.html
> Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
>
>
>
