Thanks for the help Ray, I wrote the code for authorization for my
application and It worked fine, I'll explain I little what Im trying
to do:
Im writing a module to keep track of the progress of a project. The
data gets stored in two different ways, basic data as the begining and
end of the project, the budget, the name, the creator and the person
that is in charge of leading the projects is saved on a database, then
a xml file with the mspdi (Microsoft Project Data Interchange) format
must be saved on a WebDAV server (slide), also a user must be created
on slide so the leader and the creator can read/write this xml file.
So each time a new user is created his/her data must be saved on the
db and a user must be created on slide and each time a project is
created an xml file is created on slide and the users related to the
project must be given read/write access to the file. Here is the
piece of code that I use to create the file and and grant access to
the users:
boolean sucess;
String pathCollection="/slide/files/"+code; //code=code name of
the project
String pathFile="/slide/files/"+code+"/"+name;
//name=code+".xml"
sucess=resource.mkcolMethod(pathCollection);
sucess=resource.putMethod(pathFile,file)&&sucess; //file=the xml
file (File class)
Ace aceLeader=new Ace("/slide/users/"+leader.getLogin());
Ace aceCreator=new Ace("/slide/users/"+creator.getLogin());
Privilege writePrivilege=new Privilege("DAV:","write",null);
Privilege readPrivilege=new Privilege("DAV:","read",null);
aceLeader.addPrivilege(writePrivilege);
aceLeader.addPrivilege(readPrivilege);
aceCreator.addPrivilege(writePrivilege);
aceCreator.addPrivilege(readPrivilege);
Ace[] aces=new Ace[2];
aces[0]=aceLeader;
aces[1]=aceCreator;
sucess=resource.aclMethod(pathFile,aces)&&sucess;
As Ray said the /slide part in each string is not neccesary, also what
I'm not is if the resource.aclMethod(pathFile,aces) overwrites the
existing aces on the resource or it just adds them to original aces.
I think it adds them.
Thanks for the help to all
Regards
2005/12/7, Ray Sprinkle <[EMAIL PROTECTED]>:
> That is correct. Things to note:
>
> 1. A principal in slide is a user, role or group.
> 2. Nesting is problematic (groups in groups).
> 3. The instance name is not required in the path when setting the
> principal:
> /slide/users/test <==> /users/test
> 4. Regardless of how you set the principal it will be returned from
> slide with the instance name prepended. So you always get back
> /slide/users/test. This is important because you don't want to assume
> that the slide instance is always called "slide".
> 5. In case you don't know ACEs are order sensitive. The list of ACEs
> are checked from first to last with the first matching ACE being the
> last one examined, starting with the current object and going upwards
> looking for inherited permissions.
> 6. ACEs can be set to be inherited or non-inherited. The Webdav client
> code supports this in the CVS version. You can patch the code (patch in
> bugzilla) to get the same functionality with the 2.1 version.
>
> Hope this helps.
>
> -----Original Message-----
> From: Gabriel Bermudez [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, December 07, 2005 8:54 AM
> To: Slide Users Mailing List
> Subject: Re: Unresolved problem with users and passwords
>
> Hehe
> forgot the "piece of code" :)
>
> private boolean addPermission(WebdavResource webdavResource, QName
> permission, String path, String principal, boolean negative) throws
> HttpException, IOException
> {
>
> AclProperty acl = webdavResource.aclfindMethod(path);
> if (acl==null)
> {
> out.println("Error: PropFind didn't return an
> AclProperty!");
> return false;
> }
> Ace[] aces=acl.getAces();
>
> if (aces==null)
> aces=new Ace[0];
>
> if (debugLevel>5) {
> out.println();
> out.println("ACL from server");
> showAces(path, aces);
> }
>
> Ace ace=null;
> for (int i=0; i<aces.length && (ace==null); i++)
> {
> if ((aces[i].isNegative()==negative) &&
> !aces[i].isProtected()
> && !aces[i].isInherited() &&
> aces[i].getPrincipal().equals(principal))
> {
> if (debugLevel>5)
> out.println("found ace");
> ace=aces[i];
> }
> }
> if (ace==null)
> {
> Ace[] oldAces=aces;
> aces=new Ace[oldAces.length+1];
> System.arraycopy(oldAces,0,aces,0,oldAces.length);
> ace=new Ace(principal, negative, false, false,null);
> aces[oldAces.length]=ace;
> }
>
> Privilege privilege=new
> Privilege(permission.getNamespaceURI(), permission.getLocalName(),
> null);
> ace.addPrivilege(privilege);
>
> if (debugLevel>5) {
> out.println();
> out.println("ACL with updated privileges");
> showAces(path, aces);
> }
>
> boolean success = webdavResource.aclMethod(path,aces);
>
> if (!success)
> out.println(webdavResource.getStatusMessage());
>
> if (debugLevel>5) {
> acl = webdavResource.aclfindMethod(path);
> if (acl==null)
> out.println("Error: PropFind didn't return an
> AclProperty!");
> else
> {
> aces=acl.getAces();
> out.println();
> out.println("ACL from server after update");
> showAces(path, aces);
> }
> }
>
> return success;
> }
>
> 2005/12/7, Gabriel Bermudez <[EMAIL PROTECTED]>:
> > The webdav command client is a good example to, I found this piece of
> > code for adding a permission to principal, what is a principal? I
> > tried out the command client and It can be a role or a user, that is
> > the path to a role or user, for example:
> > /slide/roles/myrole <-- principal for a role /slide/users/myuser <--
> > principal for a user Correct me if Im wrong Thanks for the help
> >
> > 2005/12/6, Ray Sprinkle <[EMAIL PROTECTED]>:
> > > If you know how to assign object permissions to a user it works the
> same
> > > way. Use the role path where ever you would you the user path. To
> put
> > > add a user to a role you have to manipulate the "group-member-set"
> > > (I
> > > think) property of the role. I know there is a Wiki example.
> > >
> > > -----Original Message-----
> > > From: Gabriel Bermudez [mailto:[EMAIL PROTECTED]
> > > Sent: Tuesday, December 06, 2005 2:41 PM
> > > To: Slide Users Mailing List
> > > Subject: Re: Unresolved problem with users and passwords
> > >
> > > I forgot to ask something, creating a role is the same as creating a
>
> > > user, that is creating a collecition under /slide/roles/ and setting
>
> > > up the right properties?
> > > How do you give permissions to certains collections to a role, for
> > > example
> > >
> > > /slide/
> > > |--files/new/
> > > |--roles/
> > > |--newRole/ <---the users associted to this role can
> > > just read/write "/slide/new/"
> > >
> > > Again has anyone done this with the slide client library, or even
> > > better has some example code to use as base.
> > >
> > > Thanks in advanced
> > >
> > > 2005/12/6, Gabriel Bermudez <[EMAIL PROTECTED]>:
> > > > Hi,
> > > > A lot of thanks for the pointer :) After struggling the whole
> > > > morning with the problem I finally could create a user with a
> > > > password and set it to a role :) First of all I am using the JCA
> > > > connector to handle the connection and the transaction. I'm
> > > > calling the code from the method of an EJB.
> > > > Here is what I did:
> > > >
> > > > String host="http://127.0.0.1:8888/slide/";;
> > > > //the next line get a connection using JNDI
> > > > WebDAVConnection
> > > connection=JBSCUtil.getWebDAVConnection(host);
> > > > WebdavResource
> > > resource=connection.getWebdavResource();
> > > > //the variable login is the username
> > > > resource.mkcolMethod("/slide/users/"+login);
> > > >
> > > > PropertyName pn=new
> > > > PropertyName("http://jakarta.apache.org/slide/","password";);
> > > >
> > > resource.proppatchMethod("/slide/users/"+login,pn,password,true);
> > > > resource.setPath("/slide/roles/user");
> > > > Enumeration
> > > propEnum=resource.propfindMethod("group-member-set");
> > > > String val=(String)propEnum.nextElement();
> > > > String newProp="<![CDATA[<D:href
> > > > xmlns:D='DAV:'>"+"/slide/users/"+login+"</D:href>\r\n"+val+"]]>";
> > > >
> > > > //this little part changes I create a new
> > > > PropertyName
> > >
> > > > with
> > > > namespace=DAV: and tag=group-member-set
> > > > pn=new PropertyName("DAV:","group-member-set");
> > > > resource.proppatchMethod(pn,newProp,true);
> > > > connection.close();
> > > >
> > > > Hope this helps anyone that has or will have the same problem.
> > > > Again, thanks to Virgilio and Matias for the help given
> > > >
> > > > Regards
> > > >
> > > > 2005/12/5, Virgilio duce <[EMAIL PROTECTED]>:
> > > > > I have created a new user using webdav library.Here my code:
> > > > >
> > > > > Enumeration enumProp;
> > > > > try {
> > > > > // creates user
> > > > > String userDir= "/slide/slide/users/"+userName;
> > > > > webdavResource.mkcolMethod(userDir);
> > > > > webdavResource.setPath(userDir);
> > > > > PropertyName pn=new
> > > > > PropertyName("http://jakarta.apache.org/slide/","password";);
> > > > > webdavResource.proppatchMethod(pn,password,true);
> > > > >
> > > > > // Creating Xml of all existing user also
> > > > > String roleToAssign="/slide/slide/roles/"+role;
> > > > > System.out.println(roleToAssign);
> > > > > webdavResource.setPath(roleToAssign);
> > > > > enumProp =
> > > > > webdavResource.propfindMethod("group-member-set");
> > > > >
> > > > > String val=(String)enumProp.nextElement();
> > > > > System.out.println("Group-member-set vale :"+val);
> > > > > String newProp= "<![CDATA[<D:href
> > > > > xmlns:D='DAV:'>"+userDir+"</D:href>"+val+"]]>";
> > > > >
> > > webdavResource.proppatchMethod("group-member-set",newProp,true);
> > > > > } catch (IOException e) {
> > > > >
> > > > > e.printStackTrace();
> > > > > }
> > > > >
> > > > > I hope this can help you!!!
> > > > >
> > > > >
> > > > > ----- Original Message -----
> > > > > From: "Gabriel Bermudez" <[EMAIL PROTECTED]>
> > > > > To: "Slide Users Mailing List" <slide-user@jakarta.apache.org>
> > > > > Sent: Monday, December 05, 2005 9:20 PM
> > > > > Subject: Unresolved problem with users and passwords
> > > > >
> > > > >
> > > > > Hi, I've been reading the users mailing list and searching the
> > > > > web but everywhere I read, seems to have the same problem.
> > > > > To create a new user in slide, you have to create a colletion
> > > > > uner /slide/users with the user name, and then set a property
> > > > > with certain values, you can do it with third parties software
> > > > > like DAVExplorer, even the slide documentation has a little
> > > > > HOW-TO on that
> > > > > (jakarta.apache.org/slide/howto-create-users.html), but there is
>
> > > > > no WHO-TO example using the webdavclient library :( Was some one
>
> > > > > has done this already or you simple can't create users and set
> > > > > passwords with this library? Ive been trying to use the
> > > > > PropertyName
> > >
> > > > > because the webdav command client uses it to set properties like
> > > > > this:
> > > > >
> > > > > void proppatch(String path, String prop, String value)
> > > > > {
> > > > > String name=prop;
> > > > > try {
> > > > > path=checkUri(path);
> > > > > out.print("Putting property(" + name + ", " + value
> +
> > > > > ") to '" + path + "': ");
> > > > > if (webdavResource.proppatchMethod(
> > > > > path, new PropertyName("DAV:",name), value,
> true)) {
> > > > > out.println("succeeded.");
> > > > > } else {
> > > > > out.println("failed.");
> > > > > out.println(webdavResource.getStatusMessage());
> > > > > }
> > > > > }
> > > > > catch (Exception ex) {
> > > > > handleException(ex);
> > > > > }
> > > > > }
> > > > >
> > > > > Has anyone had a sucessfull creation of a user with a password
> > > > > using
> > >
> > > > > the webdavclient library, did you use the PropertyName class,
> > > > > can you give some sample code.
> > > > > Thanks a lot for your help
> > > > >
> > > > > ----------------------------------------------------------------
> > > > > ----
> > > > > - To unsubscribe, e-mail:
> > > > > [EMAIL PROTECTED]
> > > > > For additional commands, e-mail:
> > > > > [EMAIL PROTECTED]
> > > > >
> > > > >
> > > > > ----------------------------------------------------------------
> > > > > ----
> > > > > - To unsubscribe, e-mail:
> > > > > [EMAIL PROTECTED]
> > > > > For additional commands, e-mail:
> > > > > [EMAIL PROTECTED]
> > > > >
> > > > >
> > > >
> > >
> > > --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> > >
> > > --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
