hi chad
I found the wiki page describing the access control mechanism ( http://wiki.apache.org/jackrabbit/AccessControl). I understand, from this page, that resource based ACL's are the default mechanism. This will suit my purposes fine, but I can't find any documentation of how to configure the lists? Can someone point me to the appropriate location?
JCR 2.0 API defines some access control related interfaces, notably - AccessControlManager: used to manipulate access control policies - AccessControlPolicy and a derived interface AccessControlList - AccessControlEntry - Privilege the specification can provide you with some basic information about how to use the api. in addition there are a couple of extensions in the jackrabbit-api such as the ability to create ACEs that deny privileges. furthermore jackrabbit-api also defines a PrincipalManager that allows you to retrieve the principals you want to create ACEs for. this part has been omitted from the jsr 283 specification. hope that helps angela
