hi
I got to access ldap without problems, but now my problems are related to
permission.
I have three workspaces, and the users of the ldap have not permission to
access this workspaces.
that's probably due to the default workspace-access-manager present
by default which requires that the root node is accessible by means
of the regular access control evaluation... you may change that
by configuring another workspace-accesscontrol-manager that fits your
needs or make sure the permissions defined/evaluated in the repository
apply to your users.
How can I configure the permission for the ldap users?
Must I create a customAccessManager?
you can, but you don't have to... if we want to use the access control
model present with jackrabbit, you have to make sure that you create
(and configure) a PrincipalProvider implementation that maps your
ldap users to principals used the access control editing.
How can I indicate an admin or system user for the ldad users?
that depends on your access manager. if you are using the default
access control model present with jackrabbit, it should be sufficient
during the login-process in the loginmodule to populate the subject
with an AdminPrincipal in case of the admin-login. if you use your
custom access manager or a custom access control provider that may
vary obviously.
hope that helps
angela
Thanks and regards.
________________________________
Este correo electrónico y, en su caso, cualquier fichero anexo al mismo,
contiene información de carácter confidencial exclusivamente dirigida a su
destinatario o destinatarios. Si no es vd. el destinatario indicado, queda
notificado que la lectura, utilización, divulgación y/o copia sin autorización
está prohibida en virtud de la legislación vigente. En el caso de haber
recibido este correo electrónico por error, se ruega notificar inmediatamente
esta circunstancia mediante reenvío a la dirección electrónica del remitente.
Evite imprimir este mensaje si no es estrictamente necesario.
This email and any file attached to it (when applicable) contain(s)
confidential information that is exclusively addressed to its recipient(s). If
you are not the indicated recipient, you are informed that reading, using,
disseminating and/or copying it without authorisation is forbidden in
accordance with the legislation in effect. If you have received this email by
mistake, please immediately notify the sender of the situation by resending it
to their email address.
Avoid printing this message if it is not absolutely necessary.
