You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by Christophe Lombart <ch...@gmail.com> on 2005/08/24 00:09:46 UTC

Fwd: JAAS - Permissions

Hi All,


How can I control access to  my JCR repo (permissions) ?
Eg. Group "Admin" can modify the complete content tree, Group "Guest"
can only view (no update) contents define in
"/allContent/public-docs". The user "XX" can modify all docs in
"/users-doc/XX" and view all content in "/allContent", ...

Is it already implemented in Jackrabbit ? If not, Do you see a nice
solution for this kind of access control ?

Thanks,
Christophe

Re: JAAS - Permissions

Posted by Stefan Guggisberg <st...@gmail.com>.

hi christophe
there are dummy LoginModule & AccessManager implementations in
the o.a.jr.core.security package:
- SimpleLoginModule
- SimpleAccessManager

see http://issues.apache.org/jira/browse/JCR-153

have a look at the code, writing a custom LoginModule/AcessManager 
that covers your use case should be pretty straightforward.

contributions would certainly be welcome ;)

cheers
stefan

On 8/24/05, Christophe Lombart <ch...@gmail.com> wrote:
> Hi All,
> 
> 
> How can I control access to  my JCR repo (permissions) ?
> Eg. Group "Admin" can modify the complete content tree, Group "Guest"
> can only view (no update) contents define in
> "/allContent/public-docs". The user "XX" can modify all docs in
> "/users-doc/XX" and view all content in "/allContent", ...
> 
> Is it already implemented in Jackrabbit ? If not, Do you see a nice
> solution for this kind of access control ?
> 
> Thanks,
> Christophe
>