Hi Karsten
Thanks a lot for your help. I tried AccessControlUtils.allow(), however
AccessControlUtils.getACL() is still returning NULL. I think I may have
also have to do something else to enable access control that particular
node. Following is my code complete code that tried AccessControlUtils. I
am still getting Null for acl.
Repository repository = new TransientRepository();
Session session = repository.login(new SimpleCredentials("admin",
"password".toCharArray()));
Node root = session.getRootNode();
root.addNode("leftChild");
root.addNode("rightChild");
session.save();
String path = session.getRootNode().getPath();
System.out.println(path);
AccessControlManager acm = session.getAccessControlManager();
AccessControlUtils.allow(session.getRootNode(), "admin", Privilege.JCR_ALL);
AccessControlList acl = AccessControlUtils.getAccessControlList(session,
path);
for (AccessControlEntry e : acl.getAccessControlEntries()) {
acl.removeAccessControlEntry(e);
}
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), new Privilege[]
{ acm
.privilegeFromName(Privilege.JCR_ALL) });
acm.setPolicy(path, acl);
session.save();
Regards,
Atif
On Tue, Aug 25, 2015 at 7:46 AM, Karsten Priegnitz <k...@petoria.de> wrote:
> Hi Atif,
>
> I had the same problem as you and then I found
> org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils:
>
> and that's all: AccessControlUtils.allow(session.getRootNode(), username,
> Privilege.JCR_ALL);
>
> Best
> Karsten
>
>
>
> Karsten R. Priegnitz
>
> programmierer | web-entwickler | linux administrator | digitaler nomade
> business: kontakt <http://petoria.de/portfolio/contact-about/> |
> portfolio <http://petoria.de/portfolio/>
> ------------------------------------------------------------------------
>
>
> Am 24.08.2015 um 22:40 schrieb Clay Ferguson:
>
>> I'm not *that* much of an expert, but it kind of works by bubbling up
>> towards the root I believe. So if you query for ACL on a node and it finds
>> none, that is fine. It just means that node is effectively controlled by
>> an
>> ancestor. Once you start adding AC L privs the that root starts applying
>> those there and all beneath it on the tree recursively. By default 'admin'
>> user has full privileges and everyone else has none. The session that
>> creates a node i think by default has all privs on that node, but i'd have
>> to check my code...I might be adding privs when creating. Look at my
>> "controller" class, and that is the top level, and a lot of stuff like
>> creating new nodes, moving nodes, adding ACLs etc can be sussed out by
>> just
>> looking at my code and not even running it. It's not too complicated. Does
>> that answer the question?
>>
>> Best regards,
>> Clay Ferguson
>> wcl...@gmail.com
>>
>>
>> On Mon, Aug 24, 2015 at 2:53 PM, Atif Manzoor <atif.manz...@gmail.com>
>> wrote:
>>
>> Hi Clay
>>>
>>> Thanks a lot for your response. I have been through your code and have
>>> found that you have also been using getApplicablePolicies(path) and
>>> getPolicies(path) function to get AccessControlList (ACL) object, however
>>> both of these function have not been returning any ACL policies for me.
>>> In
>>> words my node does not contain any modifiable ACL. Can you tell me why is
>>> that. What will I have to do, so that the node should also have
>>> modifiable
>>> ACL.
>>>
>>> Kind regards,
>>> Atif
>>>
>>> On Mon, Aug 24, 2015 at 7:01 PM, Clay Ferguson <wcl...@gmail.com> wrote:
>>>
>>> Hello Atif,
>>>>
>>>> You should check out my open source project:
>>>> https://github.com/Clay-Ferguson/meta64
>>>>
>>>> Download the zip and search for the words 'privilege' and/or
>>>>
>>> AccessControl,
>>>
>>>> etc.
>>>>
>>>> The AclService.java class has ability to do basic listing of privileges
>>>>
>>> for
>>>
>>>> a node, and adding or removing privileges from a node, and might help
>>>> you
>>>> some. Good luck.
>>>>
>>>> Best regards,
>>>> Clay Ferguson
>>>> wcl...@gmail.com
>>>>
>>>>
>>>> On Mon, Aug 24, 2015 at 12:07 PM, Atif Manzoor <atif.manz...@gmail.com>
>>>> wrote:
>>>>
>>>> I am new to Jackrabbit and after going through the first hops and
>>>>>
>>>> little
>>>
>>>> bit of documentation, I was trying to configure Access Control for the
>>>>> repository nodes. I was extending ThirdHop tutorial for that purpose
>>>>>
>>>> and
>>>
>>>> was following access control wiki
>>>>> http://wiki.apache.org/jackrabbit/AccessControl and had the following
>>>>> code.
>>>>>
>>>>> Session session = repository.login(new SimpleCredentials("username",
>>>>> "password"
>>>>> .toCharArray()));
>>>>> Node node = session.getRootNode();
>>>>> String path = node.getPath();
>>>>> AccessControlManager acm = session.getAccessControlManager();
>>>>>
>>>>> Privilege[] privileges = new Privilege[] { acm
>>>>> .privilegeFromName(Privilege.JCR_ALL) };
>>>>> AccessControlList acl;
>>>>> try {
>>>>> acl = (AccessControlList) acm.getApplicablePolicies(path)
>>>>> .nextAccessControlPolicy();
>>>>> } catch (NoSuchElementException e) {
>>>>> acl = (AccessControlList) acm.getPolicies(path)[0];
>>>>> }
>>>>> for (AccessControlEntry e : acl.getAccessControlEntries()) {
>>>>> acl.removeAccessControlEntry(e);
>>>>> }
>>>>> acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privileges);
>>>>> acm.setPolicy(path, acl);
>>>>> session.save();
>>>>>
>>>>> My problem is that I could not get AccessControlList with this code.
>>>>>
>>>> Both
>>>
>>>> functions (getApplicablePolicies and getAllPolicies) don't have any
>>>>> AccessControlList attached with them. Can you tell me where I went
>>>>>
>>>> wrong. I
>>>>
>>>>> have been using the default security configuration.
>>>>>
>>>>> Thanks
>>>>> Atif
>>>>>
>>>>>
>
