Yes, all users can access the root node. A users permission defines which node/folders below the root can be accessed.
We do have access control defined in the JCR repository. When a user logs in through our web application, based on users permissions, we expose only some folders below the root node, for example - we may only show Folder-1 (and subtree), Folder-2 (and subtree) under the root. Likewise if a user has permission for all folders under the root, as in admin role, we show all folders under the root. But we cant get this done through webdav. We are using org.apache.jackrabbit.j2ee.SimpleWebdavServlet and 'Windows Explorer-Tools-Map Network Drive' to get a webdav view. When the SimpleWebdavServlet is invoked, it exposes all folders under root to every user. For a webdav call, I would like to intercept the user request, check permissions and expose only the permissioned folders. How can I get this done through SimpleWebdavServlet? What cusomization is required? Thanks a lot for your support. Sushil Angela Schreiber wrote: > > hi > > i'm not totally sure, if i understand what you are > trying to do. correct me, if my answer points into > a wrong direction. > >> My repository structure looks like this - A single workspace, with a few >> top >> level custom folders like Folder-1, Folder-2 and its children >> >> Workspace >>> Folder-1 (Child-1.1, Child-1.2, Child-1.3 etc) >>> Folder-2 (Child-2.1, Child-2.2, Child-2.3 etc) >>> Folder-3 >> >> When a user logs in through webdav, we would like to control users access >> to >> top level folder (and therefore its sub tree). Say user-1 does not have >> access to Folder-1,then Folder-1 (and its subtree) should not be seen on >> webdav login. > > but all users are allowed to access the root node? > this seems to be prerequisit to me. > > >> Any idea how I can do this? > > if you want to have access control taking effect, you > currently have to define that in the underlying JCR > Repository, for the simple webdav layer currently > doesn't support the access control feature. > >> We are experimenting with our custom DirListingExportHandler and >> IOHandler, >> no luck so far. > > that looks wrong to me. the IOHandlers are intended > to deal with import/export of resource data and > properties. they should not know anything about > access control. > > hope that helps > angela > > > > -- View this message in context: http://www.nabble.com/webdav-control-nodes%28folders%29-to-display-tp16423305p16447046.html Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
