Hi,
I'm new to Jackrabbit. Can anybody share me a piece of code about how to limit
user's repository permission to read-only? My code below doesn't work.
Repository repo =
RepositoryAccessServlet.getRepository(pageContext.getServletContext());
SessionImpl jcrsession = (SessionImpl) repo.login(new
SimpleCredentials("admin", "admin".toCharArray()));
UserManager userManager = jcrsession.getUserManager();
User user = (User) userManager.getAuthorizable("anonymous");
AccessControlManager accessControlManager =
jcrsession.getAccessControlManager();
String restrictedArea = "/";
org.apache.jackrabbit.api.jsr283.security.AccessControlPolicyIterator
restrictedPolicies =
accessControlManager.getApplicablePolicies(restrictedArea);
org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList
restrictedPolicy =
(org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList)
restrictedPolicies.nextAccessControlPolicy();
Privilege[] readonlyPrivileges = {
accessControlManager.privilegeFromName(Privilege.JCR_READ),
accessControlManager.privilegeFromName(Privilege.JCR_READ_ACCESS_CONTROL),
};
restrictedPolicy.addEntry(user.getPrincipal(), readonlyPrivileges,
true);
accessControlManager.setPolicy(restrictedArea, restrictedPolicy);
jcrsession.save();
jcrsession.logout();
Your kind help is appreciated greatly.
Thanks a lot,
Kevin
