Hi, I wrote some explanations on: http://interfacesdesign.blogspot.com/2009/09/jaas-in-jackrabbit.html
Now i am realizing that my capability model approach it is quite complicated. But anyway... You can try the default jackrabbit acl. it must be much easier. I like my implementation because is xpath based, i can use variables inside xpath and i do not need to set acl permissions on each node i am creating. Mihai --- On Mon, 9/7/09, Mihai Vasilache <[email protected]> wrote: From: Mihai Vasilache <[email protected]> Subject: Re: providing authorized access to users in repository To: [email protected] Date: Monday, September 7, 2009, 8:47 AM Actually i implemented the security using capability model instead ACL in my application. I will send later some details. The ideea is that you must understand jaas first (not so easy because there is not so much documentation), then you must implement an org.apache.jackrabbit.core.security.AccessManager a good start with some examples: http://www.jaasbook.com/ Mihai --- On Fri, 9/4/09, Jukka Zitting <[email protected]> wrote: From: Jukka Zitting <[email protected]> Subject: Re: providing authorized access to users in repository To: [email protected] Date: Friday, September 4, 2009, 3:43 PM Hi, On Tue, Sep 1, 2009 at 12:10 PM, simer anand<[email protected]> wrote: > After following much about JAAS tutorials and also > implemented the Jaas Authentication part need to know about Jaas > Authorizations. To do this i read the Jaas Authentication part but don't > know how to implement it to repository so that different access is to be > provided to the the nodes depending upon users. Currently Jackrabbit only uses JAAS for authentication. Authorization is based on an ACL-system specified in the JCR 2.0 drafts. You can also extend Jackrabbit with a custom authorization mechanism (including one based on JAAS) by implementing the internal Jackrabbit security API. BR, Jukka Zitting
