doubt whit user resources and permissions

[Javier Arias <ja...@ujaen.es>]

Hi everybody!

I need help. I have created a webdav server with jackrabbit. If I
execute the server with 

java -jar jacrabbit-satandlone.jar -port 6789 

and I put the url http://localhost:6789 , I can see all the resources
that the server has. 

I have the user and the resources that can see them in a table of sql. I
want that each user can see only the resources which they have
permission. Can anyone help me to do it? 

Note that I am using "DefaultLoginModule" in the repository.xml

Thank you in advance.

Regards.

Re: doubt whit user resources and permissions

[Angela Schreiber <an...@adobe.com>]

hi javier

> I have the user and the resources that can see them in a table of sql. I
> want that each user can see only the resources which they have
> permission. Can anyone help me to do it?
>
> Note that I am using "DefaultLoginModule" in the repository.xml

the default login module expects that the user to be authenticated
is known to the usermanager (see DefaultLoginModule#doInit).
-> what's the nature of your user manager (configurable as part of
    the security manager)?

the regular permission evaluation in jackrabbit is based on the
set of principals present in the session's subject, which gets
populated during LoginModule#commit (see also #getPrincipals()).
-> what's the nature of you principal provider (configurable as part
    of the loginmodule).

and finally you need to make sure that permission evaluation is
according to your needs... in case they are stored with your users
in the sql table
-> unless the default setup in jackrabbit is suitable for you, you
    would probably have to write a custom accessmanager and/or
    accesscontrolprovider... that depends a bit on the overall setup
    you are having.

regards
angela