You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jackrabbit.apache.org by Micah Whitacre <mk...@gmail.com> on 2008/08/29 22:50:37 UTC
Required Admin/System user
I noticed that progress was recently made on implementing the
access/security features of JSR 283 in the 1.5-SNAPSHOT. After
pulling down the snapshots and without making any changes to my
repository.xml file I noticed what seems to be a nonpassive change.
In my repository.xml file I have:
<Security appName="Jackrabbit">
<AccessManager
class="org.apache.jackrabbit.core.security.SimpleAccessManager">
</AccessManager>
<LoginModule
class="org.apache.jackrabbit.core.security.simple.SimpleLoginModule">
</LoginModule>
<SecurityManager
class="org.apache.jackrabbit.core.security.simple.SimpleSecurityManager">
</SecurityManager>
</Security>
Notice I don't have any specific user configured as the admin or
system user. I do this because I don't care what users can change
what in the repository (access is checked a level higher). However
with this configuration I get the following exceptions when trying to
run:
Caused by: javax.jcr.AccessDeniedException: /: not allowed to modify item
at org.apache.jackrabbit.core.ItemImpl.validateTransientItems(ItemImpl.java:411)
at org.apache.jackrabbit.core.ItemImpl.save(ItemImpl.java:1058)
at com.cerner.system.configuration.repository.jcr.JCRSession.<init>(JCRSession.java:126)
... 26 more
The code that causes this exception is creating a child node of the
root node and specifically the exception is thrown on rootNode.save().
This change seems like it is non-passive, so I wasn't sure if this was
an intentional change or something I should log as a bug to track? I
have figured out how to get around it by implementing/configuring a
custom login module but wanted to check that would be necessary.
Thanks for your help,
Micah