You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@jackrabbit.apache.org by Nandana Mihindukulasooriya <na...@gmail.com> on 2007/06/28 15:48:49 UTC

Setting Security Configuration in repository.xml

Hi,
  There was a detailed description about the Workspace Configuration,
Versioning configuration and Persistence managers in repository.xml in the
Jackrabiit site and it was very useful. But there was not much details about
security configurations. I went through the 6.9 Acess Control section of the
JSR-170 also but didn't get much details. In the repository.xml,

    <Security appName="Jackrabbit">
        <!--
            access manager:
            class: FQN of class implementing the AccessManager interface
        -->
        <AccessManager class="
org.apache.jackrabbit.core.security.SimpleAccessManager">
            <!-- <param name="config" value="${rep.home}/access.xml"/> -->
        </AccessManager>

        <LoginModule class="
org.apache.jackrabbit.core.security.SimpleLoginModule">
           <!-- anonymous user name ('anonymous' is the default value) -->
           <param name="anonymousId" value="anonymous"/>
        </LoginModule>
    </Security>

How can access.xml be used to define security configurations and what should
it's format be ? I tried to find a
sample access.xml in the source but wasn't able to. I would be really
thankful if someone can give me a brief
explanation about these configurations.

Thank you,
Nandana

Re: Setting Security Configuration in repository.xml

Posted by Stefan Guggisberg <st...@gmail.com>.

On 9/21/07, thirdnormal <na...@thirdnormal.com> wrote:
>
>
> Nunny wrote:
> >
> > How can access.xml be used to define security configurations and what
> > should
> > it's format be ? I tried to find a
> > sample access.xml in the source but wasn't able to. I would be really
> > thankful if someone can give me a brief
> > explanation about these configurations.
> >
>
> Does anyone know the answer to this question? I am also wondering the same
> thing.

SimpleAccessManager is a just mock implementation of the
o.a.j.c.security.AccessManager interface. it's there for demonstrational
purposes only. there are several @todo comments in the source code
of SimpleAccessManager that indicate where a custom implementation
would want to insert custom authorization code.

WRT access.xml: there's no such file. the commented out element
in the respository.xml is just an example how to configure/parameterize
a custom AccessManager implementation, e.g.:

       <AccessManager class="my.app.CustomAccessManager">
           <param name="config" value="${rep.home}/access.xml"/>
           <param name="foo" value="bar"/>
       </AccessManager>

cheers
stefan

>
> Thanks
>
>
> --
> View this message in context: http://www.nabble.com/Setting-Security-Configuration-in-repository.xml-tf3994484.html#a12807661
> Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
>
>

Re: Setting Security Configuration in repository.xml

Posted by thirdnormal <na...@thirdnormal.com>.


Nunny wrote:
> 
> How can access.xml be used to define security configurations and what
> should
> it's format be ? I tried to find a
> sample access.xml in the source but wasn't able to. I would be really
> thankful if someone can give me a brief
> explanation about these configurations.
> 

Does anyone know the answer to this question? I am also wondering the same
thing.

Thanks


-- 
View this message in context: http://www.nabble.com/Setting-Security-Configuration-in-repository.xml-tf3994484.html#a12807661
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.