Actually i implemented the security using capability model instead ACL in my application. I will send later some details. The ideea is that you must understand jaas first (not so easy because there is not so much documentation), then you must implement an org.apache.jackrabbit.core.security.AccessManager
a good start with some examples: http://www.jaasbook.com/ Mihai --- On Fri, 9/4/09, Jukka Zitting <[email protected]> wrote: From: Jukka Zitting <[email protected]> Subject: Re: providing authorized access to users in repository To: [email protected] Date: Friday, September 4, 2009, 3:43 PM Hi, On Tue, Sep 1, 2009 at 12:10 PM, simer anand<[email protected]> wrote: > After following much about JAAS tutorials and also > implemented the Jaas Authentication part need to know about Jaas > Authorizations. To do this i read the Jaas Authentication part but don't > know how to implement it to repository so that different access is to be > provided to the the nodes depending upon users. Currently Jackrabbit only uses JAAS for authentication. Authorization is based on an ACL-system specified in the JCR 2.0 drafts. You can also extend Jackrabbit with a custom authorization mechanism (including one based on JAAS) by implementing the internal Jackrabbit security API. BR, Jukka Zitting
