The simple jboss access manager is a specialized Access Manager to handle Authorization of individuals authenticated through jboss login modules. It maps roles from the jboss simplegroup class to jackrabbit permissions.

The intent of this document is to

Files that will be modified


Add SimpleJbossAccessManager to classpath

All code is apache licensed.

For the server .WAR deployment option, go to the attachments section and save the SimpleJbossAccessManager.jar under /WEB-INF/lib/SimpleJbossAccessManager.jar.

For JCA deployment option, save that same .jar and add it to the RAR file.


Configure Jackrabbit to use SimpleJbossAccessManager

Go to your repository.xml and modify the following:

<!-- remove this loginmodule so only use the login-config.xml configured modules. <LoginModule class="org.apache.jackrabbit.core.security.SimpleLoginModule"> <param name="anonymousId" value="anonymous"/> </LoginModule> -->


Authorization - mapping roles to permissions

This module uses the Jboss simplegroup class to get a list of Roles from the login-modules. This has specifically been tested on AD (active directory), although should be transparent for other security implementations.

Under your repository homedir (defined in your repository.xml as 'path') that usually shows /repository, /version, and /workspace directories create a rolemappings.properties file. If someone wanted to modify the code to allow positioning where the mapping file is, that would be fine.

rolemappings.properties (without the bullets):


SimpleJbossAccessManager (last edited 2009-09-20 23:45:05 by localhost)