Ok, thanks in advance for answering. I found DefaultAccessManager class, which extends AbstractAccessControlManager (and has setPolicy method implemented). After it i set such class in repository.xml file to use it as my access manager and, leaving commented the access.xml file (with no file), i can not perform operations on the repository (logged in as admin), as i obtain the following exceptions:
javax.jcr.PathNotFoundException: /myfolder (trying to access a node to create a child node) javax.jcr.AccessDeniedException: cannot read item cafebabe-cafe-babe-cafe-babecafebabe (trying to create a user) ... So i think that access.xml line must be uncommented (DefaultAccessManager can not be instantiated since such file does not exist) and populated with access control data, isn't it? I did not find access.xml info so far, any useful pointer? Thanks for your attention! 2011/9/13 Justin Edelson <[email protected]> > You should not need to write your own implementations of any Jackrabbit or > JCR interfaces to set an ACL on a node. > > Regards, > Justin > > On Sep 13, 2011, at 7:38 AM, Francisco Carriedo Scher < > [email protected]> wrote: > > > Hi there, > > > > i have been diving in mailing list and source code of Jackrabbit and > finally > > my impression is that just interfaces are defined respecting access > control > > (lots of abstract classes to be extended with my own code, right?). I say > > that based on quotes from the mailing list as: > > > > > http://mail-archives.apache.org/mod_mbox/jackrabbit-users/201106.mbox/%[email protected]%3E > > > http://mail-archives.apache.org/mod_mbox/jackrabbit-users/201106.mbox/%[email protected]%3E > > > > About the source code, when i extend the abstract classes related to > > access control (AbstractAccessControlManager, AbstractACLTemplate, > > ...) what really intrigates me is that i thought that the ACLs remain > > stored within the repository binded somehow to the node they were > > created for (with setPolicy method). The point is, if i extend the > > classes mentioned (and thus write setPolicy source code), it is up to > > me where to store the ACL objects as long as i provide a method to get > > them when needed to perform access control operations? Isn't it? Would > > be valid ideas storing them inside Jackrabbit's as nodes, or within a > > database or...? > > > > Thanks in advance for any hint about my wrongness or correctness! >
