It looks as though I could take the patches and apply them to the 1.3.3 source I downloaded and re-build Jackrabbit. Would this be a true statement?
Also, I have implemented my own AccessManager, and have as of yet been able to find a way to retrieve an instance of a Node from a NodeId. There is nothing in the Path class or the HierarchyManager, and no hints elsewhere. Do you have any ideas how I would accomplish this? Thank you for the info. This was extremely helpful to me. ---MKelleher Jukka Zitting wrote: > > Hi, > > On Dec 13, 2007 9:22 PM, qcfireball <[EMAIL PROTECTED]> wrote: >> It looks to me so far that Jackrabbit has no "native" Authorization >> provided >> with it. I have looked at the source quite a bit the last couple days, >> and >> there does not seem to be anything of this sort. Is this true? > > Yes, currently we only ship a very rudimentary authorization mechanism > that basically just distinguishes between read-only access for a > specific "anonymous" account, and read-write access to everyone else. > >> Are people implementing this themselves using the AccessManager >> interface? >> Are they using JeCARS to implement repository Authorization, or some >> other >> pre-built product? > > Yes, there are a few threads (mostly on dev@) about implementing > custom AccessManagers. This is currently the recommended way of > implementing authorization policies in Jackrabbit. > > Note that Day Software is currently contributing a rather > comprehensive ACL-based authorization component (see > https://issues.apache.org/jira/browse/JCR-1171), but this feature will > unfortunately not make it in the Jackrabbit 1.4 release. And if there > are other generic AccessManagers out there, I'd certainly be > interested in including also them in the Jackrabbit core. > > BR, > > Jukka Zitting > > -- View this message in context: http://www.nabble.com/Authorization-tp14322959p14335524.html Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
