You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@jackrabbit.apache.org by Mihai Vasilache <mi...@yahoo.com> on 2009/09/07 14:27:40 UTC
Re: providing authorized access to users in repository (the Capability Model vs. ACL)
Hi,
I wrote some explanations on:
http://interfacesdesign.blogspot.com/2009/09/jaas-in-jackrabbit.html
Now i am realizing that my capability model approach it is quite complicated. But anyway... You can try the default jackrabbit acl. it must be much easier.
I like my implementation because is xpath based, i can use variables inside xpath and i do not need to set acl permissions on each node i am creating.
Mihai
--- On Mon, 9/7/09, Mihai Vasilache <mi...@yahoo.com> wrote:
From: Mihai Vasilache <mi...@yahoo.com>
Subject: Re: providing authorized access to users in repository
To: users@jackrabbit.apache.org
Date: Monday, September 7, 2009, 8:47 AM
Actually i implemented the security using capability model instead ACL in my application. I will send later some details.
The ideea is that you must understand jaas first (not so easy because there is not so much documentation), then you must implement an org.apache.jackrabbit.core.security.AccessManager
a good start with some examples: http://www.jaasbook.com/
Mihai
--- On Fri, 9/4/09, Jukka Zitting <ju...@gmail.com> wrote:
From: Jukka Zitting <ju...@gmail.com>
Subject: Re: providing authorized access to users in repository
To: users@jackrabbit.apache.org
Date: Friday, September 4, 2009, 3:43 PM
Hi,
On Tue, Sep 1, 2009 at 12:10 PM, simer anand<si...@gmail.com> wrote:
> After following much about JAAS tutorials and also
> implemented the Jaas Authentication part need to know about Jaas
> Authorizations. To do this i read the Jaas Authentication part but don't
> know how to implement it to repository so that different access is to be
> provided to the the nodes depending upon users.
Currently Jackrabbit only uses JAAS for authentication. Authorization
is based on an ACL-system specified in the JCR 2.0 drafts.
You can also extend Jackrabbit with a custom authorization mechanism
(including one based on JAAS) by implementing the internal Jackrabbit
security API.
BR,
Jukka Zitting