I have run this code against a newly initialized repositry and it is working for me. How are you testing? Is it possible that there are other permissions which are granting access?
On Mon, Dec 29, 2008 at 2:10 PM, Cheng Zhang <[email protected]>wrote: > Hi, > > I'm new to Jackrabbit. Can anybody share me a piece of code about how to > limit user's repository permission to read-only? My code below doesn't work. > > Repository repo = > RepositoryAccessServlet.getRepository(pageContext.getServletContext()); > SessionImpl jcrsession = (SessionImpl) repo.login(new > SimpleCredentials("admin", "admin".toCharArray())); > UserManager userManager = jcrsession.getUserManager(); > User user = (User) userManager.getAuthorizable("anonymous"); > AccessControlManager accessControlManager = > jcrsession.getAccessControlManager(); > String restrictedArea = "/"; > > org.apache.jackrabbit.api.jsr283.security.AccessControlPolicyIterator > restrictedPolicies = > accessControlManager.getApplicablePolicies(restrictedArea); > > org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList > restrictedPolicy = > > > (org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList) > restrictedPolicies.nextAccessControlPolicy(); > Privilege[] readonlyPrivileges = { > > accessControlManager.privilegeFromName(Privilege.JCR_READ), > > accessControlManager.privilegeFromName(Privilege.JCR_READ_ACCESS_CONTROL), > }; > > restrictedPolicy.addEntry(user.getPrincipal(), > readonlyPrivileges, true); > accessControlManager.setPolicy(restrictedArea, > restrictedPolicy); > > jcrsession.save(); > jcrsession.logout(); > > > Your kind help is appreciated greatly. > > Thanks a lot, > Kevin > -- Todd Seiber 830 Fishing Creek Rd. New Cumberland, PA 17070 h. 717-938-5778 c. 717-497-1742 e. [email protected]
