Adding simple permissions to users

[Raymond Boswel <ra...@gmail.com>]

Hi guys,

I'm trying add very simple authentication to my oak repository. The
application is already secured, so I just want to use the authentication
framework to use the created/createdBy mixin to populate the appropriate
fields. I can create the users, but I get an AccessDeniedException when
trying to add nodes. I've played around with impersonating a user using the
admin user, and trying stuff with the permissions manager, but to no avail.
Is there a quick and dirty solution I could use for this?

Kind regards,
Raymond

Re: Adding simple permissions to users

[Raymond Boswel <ra...@gmail.com>]

Hi Angela,

You can view my setup code here <http://pastebin.com/8j9uSvxW>. I don't
think the contentRepo/contentSession stuff gets used anywhere at the
moment, but since everything isn't working yet(pretty close though :) I
haven't cleaned the code up yet. I the OpenAuthenticationConfiguration
option sounds good. Is this a parameter I must add to the securityprovider
initialization map?

Thanks,
Raymond

On Mon, Feb 9, 2015 at 10:11 AM, Angela Schreiber <an...@adobe.com> wrote:

> hi raymond
>
> how do you setup the security parts of the oak repository?
>
> for what you want to do, you probably only want to have
> parts of the default security modules in place... depending
> on which parts you wish to have and which parts should be
> disabled/replace, you may just reconfigure the existing one
> or come up with your custom security provider.
>
> as far as authorization is concerned: if that is already
> covered by your application you may consider using the
> OpenAuthorizationConfiguration (or something similar)
> instead of the default full featured one.
>
> if you are running oak in an OSGi setup you may simply
> register your custom AuthorizationConfiguration as a service
> to replace the existing. see SecurityProviderImpl for
> the details.
>
> hope that helps
> angela
>
>
>
> On 09/02/15 08:31, "Raymond Boswel" <ra...@gmail.com> wrote:
>
> >Hi guys,
> >
> >I'm trying add very simple authentication to my oak repository. The
> >application is already secured, so I just want to use the authentication
> >framework to use the created/createdBy mixin to populate the appropriate
> >fields. I can create the users, but I get an AccessDeniedException when
> >trying to add nodes. I've played around with impersonating a user using
> >the
> >admin user, and trying stuff with the permissions manager, but to no
> >avail.
> >Is there a quick and dirty solution I could use for this?
> >
> >Kind regards,
> >Raymond
>
>

Re: Adding simple permissions to users

[Angela Schreiber <an...@adobe.com>]

hi raymond

how do you setup the security parts of the oak repository?

for what you want to do, you probably only want to have
parts of the default security modules in place... depending
on which parts you wish to have and which parts should be
disabled/replace, you may just reconfigure the existing one
or come up with your custom security provider.

as far as authorization is concerned: if that is already
covered by your application you may consider using the
OpenAuthorizationConfiguration (or something similar)
instead of the default full featured one.

if you are running oak in an OSGi setup you may simply
register your custom AuthorizationConfiguration as a service
to replace the existing. see SecurityProviderImpl for
the details.

hope that helps
angela



On 09/02/15 08:31, "Raymond Boswel" <ra...@gmail.com> wrote:

>Hi guys,
>
>I'm trying add very simple authentication to my oak repository. The
>application is already secured, so I just want to use the authentication
>framework to use the created/createdBy mixin to populate the appropriate
>fields. I can create the users, but I get an AccessDeniedException when
>trying to add nodes. I've played around with impersonating a user using
>the
>admin user, and trying stuff with the permissions manager, but to no
>avail.
>Is there a quick and dirty solution I could use for this?
>
>Kind regards,
>Raymond