You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by yanshaozhiGmail <ya...@gmail.com> on 2009/01/08 17:38:56 UTC
Re: Re: Since sling is support ing for jackrabbit 1.5 why doesn't providehttpapi for user manager?
HI:
It will be much easier for users if sling can change the source code .
And in my opinion, it's nesessary to change it, since sling support jackrabbit 1.5.
2009-01-09
yanshaozhiGmail
发件人: Felix Meschberger
发送时间: 2009-01-09 00:24:12
收件人: sling-dev
抄送:
主题: Re: Since sling is support ing for jackrabbit 1.5 why doesn't providehttpapi for user manager?
Hmm, I wonder, whether we should not change the default configuration of
the jackrabbit-server bundle to use the below setup instead of our
current Simple non-secured setup.
WDYT ?
Regards
Felix
Rory Douglas schrieb:
> Yes, I think you'll need (at a minimum) to setup the SecurityManager.
> If you setup the DefaultAccessManager, you can use AccessControlManager
> to set ACLs on nodes for authorization. I haven't tried mixing these
> with an external JAAS LoginModule, but I think it would work.
> Otherwise, configure that too.
>
> <Security appName="Jackrabbit">
> <SecurityManager
> class="org.apache.jackrabbit.core.DefaultSecurityManager"
> workspaceName="security"></SecurityManager>
>
> <AccessManager
> class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager>
>
>
> <LoginModule
> class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
>
> <param name="anonymousId" value="anonymous"/>
> <param name="adminId" value="admin"/>
> </LoginModule>
> </Security>
>
> Regards,
> Rory
>
> yanshaozhiGmail wrote:
>> HI:
>>
>> thanks very much for telling me so much , I have another question ,
>> if I want to user the user manager in sling, Do I have to change the
>> sling code (sling repository: repository.xml replace the
>> SimpleAccessManager
>> to DefultAccessManager and other interface.)
>>
>>
>> 2009-01-08
>>
>>
>> yanshaozhiGmail
>>
>>
>> 发件人: Rory Douglas 发送时间: 2009-01-08 23:41:11 收件人:
>> sling-dev 抄送: 主题: Re: Since sling is support ing for jackrabbit
>> 1.5 why doesn't providehttp api for user manager?
>> You need to do two things to get access to
>> UserManager/PrincipalManager. First, you should remove the
>> org.apache.sling.jcr.jackrabbit.api bundle. Then download the
>> Jackrabbit 1.5 API bundle & install that instead (it's OSGI-ified).
>> That will export the releveant JSR283 packages.
>> Then you should be able to do the following (in a JSP or anywhere you
>> have a Session):
>> UserManager userManager = null;
>> if(session instanceof PooledJackrabbitSession) {
>> userManager = ((PooledJackrabbitSession)session).getUserManager();
>> } else {
>> // use reflection since Jackrabbit.core package not exported
>> Method m = session.getClass().getMethod("getUserManager");
>> userManager = (UserManager)m.invoke(session);
>> }
>> This same pattern works for PrincipalManager which is exposed on the
>> JackrabbitSession. If you want the AccessControlManager (to set
>> ACLs), you'll need to use the reflection approach only for now. You
>> don't need to actually access the "security" workspace in order to
>> create & manager users (although there's no good way to list all users
>> right now, so accessing the workspace probably would give you that
>> ability).
>> I've created a utility class that wraps up all this messy code - I'll
>> open an issue & submit the patch now.
>> Regards,
>> Rory
>> yanshaozhiGmail wrote:
>>
>>> HI:
>>>
>>> As I know , now sling is support for jackrabbit 1.5 , it will
>>> more powerfull if sling can provide api for user manager .
>>>
>>> And is there any way to implement user manage with sling
>>> if I implement it myself ? how can I get ""security" workspace?
>>>
>>> It's seems that there isn't "security" workspace in sling's
>>> jackrabbit repository.
>>>
>>>
>>> 2009-01-08
>>>
>>>
>>> yanjie
>>>
>
Re: Re: Since sling is support ing for jackrabbit 1.5 why doesn't providehttpapi for user manager?
Posted by Jason Pratt <jp...@gmail.com>.
i think that makes sense. as i am sure many folks will want to access this
ability, i was just wondering how to do this myself.
jason
On Thu, Jan 8, 2009 at 11:38 AM, yanshaozhiGmail <ya...@gmail.com>wrote:
> HI:
>
> It will be much easier for users if sling can change the source code .
>
> And in my opinion, it's nesessary to change it, since sling support
> jackrabbit 1.5.
>
>
> 2009-01-09
>
>
>
> yanshaozhiGmail
>
>
>
> 发件人: Felix Meschberger
> 发送时间: 2009-01-09 00:24:12
> 收件人: sling-dev
> 抄送:
> 主题: Re: Since sling is support ing for jackrabbit 1.5 why doesn't
> providehttpapi for user manager?
>
> Hmm, I wonder, whether we should not change the default configuration of
> the jackrabbit-server bundle to use the below setup instead of our
> current Simple non-secured setup.
> WDYT ?
> Regards
> Felix
> Rory Douglas schrieb:
> > Yes, I think you'll need (at a minimum) to setup the SecurityManager.
> > If you setup the DefaultAccessManager, you can use AccessControlManager
> > to set ACLs on nodes for authorization. I haven't tried mixing these
> > with an external JAAS LoginModule, but I think it would work.
> > Otherwise, configure that too.
> >
> > <Security appName="Jackrabbit">
> > <SecurityManager
> > class="org.apache.jackrabbit.core.DefaultSecurityManager"
> > workspaceName="security"></SecurityManager>
> >
> > <AccessManager
> >
> class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager>
> >
> >
> > <LoginModule
> >
> class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
> >
> > <param name="anonymousId" value="anonymous"/>
> > <param name="adminId" value="admin"/>
> > </LoginModule>
> > </Security>
> >
> > Regards,
> > Rory
> >
> > yanshaozhiGmail wrote:
> >> HI:
> >>
> >> thanks very much for telling me so much , I have another question ,
> >> if I want to user the user manager in sling, Do I have to change the
> >> sling code (sling repository: repository.xml replace the
> >> SimpleAccessManager
> >> to DefultAccessManager and other interface.)
> >>
> >>
> >> 2009-01-08
> >>
> >>
> >> yanshaozhiGmail
> >>
> >>
> >> 发件人: Rory Douglas 发送时间: 2009-01-08 23:41:11 收件人:
> >> sling-dev 抄送: 主题: Re: Since sling is support ing for jackrabbit
> >> 1.5 why doesn't providehttp api for user manager?
> >> You need to do two things to get access to
> >> UserManager/PrincipalManager. First, you should remove the
> >> org.apache.sling.jcr.jackrabbit.api bundle. Then download the
> >> Jackrabbit 1.5 API bundle & install that instead (it's OSGI-ified).
> >> That will export the releveant JSR283 packages.
> >> Then you should be able to do the following (in a JSP or anywhere you
> >> have a Session):
> >> UserManager userManager = null;
> >> if(session instanceof PooledJackrabbitSession) {
> >> userManager = ((PooledJackrabbitSession)session).getUserManager();
> >> } else {
> >> // use reflection since Jackrabbit.core package not exported
> >> Method m = session.getClass().getMethod("getUserManager");
> >> userManager = (UserManager)m.invoke(session);
> >> }
> >> This same pattern works for PrincipalManager which is exposed on the
> >> JackrabbitSession. If you want the AccessControlManager (to set
> >> ACLs), you'll need to use the reflection approach only for now. You
> >> don't need to actually access the "security" workspace in order to
> >> create & manager users (although there's no good way to list all users
> >> right now, so accessing the workspace probably would give you that
> >> ability).
> >> I've created a utility class that wraps up all this messy code - I'll
> >> open an issue & submit the patch now.
> >> Regards,
> >> Rory
> >> yanshaozhiGmail wrote:
> >>
> >>> HI:
> >>>
> >>> As I know , now sling is support for jackrabbit 1.5 , it will
> >>> more powerfull if sling can provide api for user manager .
> >>>
> >>> And is there any way to implement user manage with sling
> >>> if I implement it myself ? how can I get ""security" workspace?
> >>>
> >>> It's seems that there isn't "security" workspace in sling's
> >>> jackrabbit repository.
> >>>
> >>>
> >>> 2009-01-08
> >>>
> >>>
> >>> yanjie
> >>>
> >
>