Ldap permissions

Fri, 07 Jan 2011 00:39:43 -0800 

Hello all.

I want to sincronize my jackrabbit application whit an ldap authentication 
directory.

I have configured the security module of  my repository.xml in this way:

<Security appName="Jackrabbit">
<SecurityManager class="org.apache.jackrabbit.core.DefaultSecurityManager" 
workspaceName="security">

                               <!--
                              workspace access:
                                class: FQN of class implementing the 
WorkspaceAccessManager interface
                                -->
                               <!-- <WorkspaceAccessManager class="..."/> -->
                                <!-- <param name="config" 
value="${rep.home}/security.xml"/> -->
                </SecurityManager>



                <AccessManager 
class="org.apache.jackrabbit.core.security.DefaultAccessManager">
                               <!-- <param name="config" 
value="${rep.home}/access.xml"/> -->
                </AccessManager>


                <LoginModule 
class="com.sun.security.auth.module.LdapLoginModule">
                                  <param name="userProvider" 
value="ldap://maquinaldap:10389/"/>
                                  <param name="authIdentity" 
value="uid={USERNAME}, ou=users, ou=system" />
                                  <param name="useSSL" value="false" />
                </LoginModule>

</Security>

I got to access ldap without problems, but now my problems are related to 
permission.

I have three workspaces, and the users of the ldap have not permission to 
access this workspaces.

How can I configure the permission for the ldap users?

Must I create a customAccessManager?

How can I indicate an admin or system user for the ldad users?


Thanks and regards.



________________________________
Este correo electrónico y, en su caso, cualquier fichero anexo al mismo, 
contiene información de carácter confidencial exclusivamente dirigida a su 
destinatario o destinatarios. Si no es vd. el destinatario indicado, queda 
notificado que la lectura, utilización, divulgación y/o copia sin autorización 
está prohibida en virtud de la legislación vigente. En el caso de haber 
recibido este correo electrónico por error, se ruega notificar inmediatamente 
esta circunstancia mediante reenvío a la dirección electrónica del remitente.
Evite imprimir este mensaje si no es estrictamente necesario.

This email and any file attached to it (when applicable) contain(s) 
confidential information that is exclusively addressed to its recipient(s). If 
you are not the indicated recipient, you are informed that reading, using, 
disseminating and/or copying it without authorisation is forbidden in 
accordance with the legislation in effect. If you have received this email by 
mistake, please immediately notify the sender of the situation by resending it 
to their email address.
Avoid printing this message if it is not absolutely necessary.

Reply via email to