You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@jackrabbit.apache.org by Ian Boston <ie...@tfd.co.uk> on 2009/04/28 16:19:05 UTC

Implementing an AccesssControlProvider

I am trying to extend the standard acl.ACLProvider class so that I can  
change the way principals are resolved.

all I want to do is change the way in which the ACE's are filtered in  
ACLTemplate.collectEntries(...), probably 5 - 10 lines of code in  
total, but the classes are so private and protected that the only way  
I can do this appears to be to copy ACLProvider, ACLEditor, ACLTemplate

However when I do that, I discover that

     protected SecurityItemModifier() {
         Class cl = getClass();
         if (!(cl.equals(UserManagerImpl.class) ||
               cl.equals(ACLEditor.class) ||
                
cl 
.equals 
(org 
.apache 
.jackrabbit 
.core.security.authorization.principalbased.ACLEditor.class))) {
             throw new IllegalArgumentException("Only UserManagerImpl  
and ACLEditor may extend from the SecurityItemModifier");
         }
     }

Only a set number of hard coded classes are allowed to extend the  
Jackrabbit security model which makes the AccessControlProvider  
interface a bit lame.

So my question,
what is the correct way to extend the security model or is the only  
way to re-implement everything at the AccessControlManager level ?

Ian