Jackrabbit provides an additional API for security and user management. This is about user & group (principal) management. See AccessControl on how to set permissions for users and groups.
API
As an example to check if a user is the admin user, use:
JackrabbitSession js = (JackrabbitSession) session; User user = ((User) js.getUserManager().getAuthorizable(session.getUserID())); boolean isAdmin = user.isAdmin();
Please note this algorithm can only be used if user management is supported.
TODO
- list users
- create/delete users
- change password
- etc.