我几乎找不到任何关于如何为多个用户设计和构建存储库的文档.
我是Jackrabbit的新手,我总是使用一个主用户凭证来构建一个只有一个主用户访问的存储库.
现在我需要一个由成千上万的用户共享的存储库,每个用户都可以使用他的节点,并且没有其他用户的权限.
SimpleAccessManager非常简单:
public boolean isGranted(ItemId id,int permissions) throws RepositoryException {
checkInitialized();
if (system) {
// system has always all permissions
return true;
} else if (anonymous) {
// anonymous is always denied WRITE & REMOVE permissions
if ((permissions & WRITE) == WRITE
|| (permissions & REMOVE) == REMOVE) {
return false;
}
}
return true;
}
看起来无法使用SimpleLoginModule和SimpleAccessManager创建这样的多用户存储库.因为它只区分ADMIN和匿名用户,它们可以读取所有内容但无法写入…
所以必须使用DefaultAccessManager,也许这样做:
Session session = repository.login(new SimpleCredentials("admin","admin".tocharArray()));
UserManager um = ((JackrabbitSession) session).getUserManager();
User user = um.createUser("john","doe");
/* And assign some ALC as follows... And then play with it like this,which really sucks without proper documentation,one has to reverse engineer everything,wtf */
AccessControlManager acm = session.getAccessControlManager();
AccessControlPolicyIterator it = acm.getApplicablePolicies(testRootNode.getPath());
while ( it.hasNext() ) {
AccessControlPolicy acp = it.nextAccessControlPolicy();
Privilege[] privileges = new Privilege[]{acm.privilegeFromName(Privilege.JCR_WRITE)};
((AccessControlList)acp).addAccessControlEntry(new PrincipalImpl(user.getUserID()),privileges);
acm.setPolicy(testRootNode.getPath(),acp);
}
可以通过OpenCMIS访问存储库,OpenCMIS从客户端提供用户凭据.
编辑:这就是我在寻找AccessControl
最佳答案