Ah it is probably worth mentioning I am deplying the JCA of JackRabbit to Glassfish.
-- Cory On 28/07/2010, at 3:32 PM, Cory Prowse wrote: > I too have been struggling with security access in JackRabbit 2.1.0 these > past few days. > > I am attempting a proof of concept which allows adding nodes and specifying > which users/groups can view them, so that only the nodes the currently logged > in user has access to will be shown. > > When I attempt to use DefaultAccessManager I get: > javax.jcr.AccessDeniedException: cannot read item > cafebabe-cafe-babe-cafe-babecafebabe > > This is my config: > <Security appName="Jackrabbit"> > <!-- <AccessManager > class="org.apache.jackrabbit.core.security.simple.SimpleAccessManager" /> --> > <AccessManager > class="org.apache.jackrabbit.core.security.DefaultAccessManager" /> > > <LoginModule > class="org.apache.jackrabbit.core.security.simple.SimpleLoginModule"> > <param name="anonymousId" value="ANONYMOUS" /> > </LoginModule> > </Security> > > This exception occurs when I ask the session for the root node. > > Not quite following how to hook up security properly here, am I doing > something obviously wrong? > > -- Cory > > > On 28/07/2010, at 5:37 AM, Alexander Klimetschek wrote: > >> I am currently working on a wiki page for that: >> http://wiki.apache.org/jackrabbit/AccessControl >> >> Expect more in the coming days. >> >> Regards, >> Alex >> >> On Tue, Jul 27, 2010 at 15:51, Joel Feenstra <[email protected]> wrote: >>> Hi, >>> I'm working on adding some authentication/authorization to our application >>> which uses Jackrabbit 2.1. How can I best control access to a node (and it's >>> children) so that one user has read/write access to the subtree, but all >>> other users don't have any access (not even read access). >>> >>> I've looked at using the principal based ACLProvider, but I can't find any >>> examples detailing how to actually use it. >>> >>> Thanks, >>> Joel >>> [email protected] >>> >> >> >> >> -- >> Alexander Klimetschek >> [email protected] >
