JSR-170 (JCR 1.0)

JSR-283 (JCR 2.0)

  • Access Control Policies
    • Abstract concept, no concrete meaning
  • Access Control Entries
    • Corresponds to a credential in Lenya
    • Grants a set of privileges to a principal (user/group/role/…)
    • Can only grant permissions, not revoke them


Set a policy on a node:

AccessControlManager acMgr = session.getAccessControlManager();

Privilege supportedPrivileges = acMgr.getSupportedPrivileges("/lenya");
Map<String,Privilege> name2privilege = mapNamesToPrivileges(supportedPrivileges);
Privilege[] privileges = {

PrincipalManager principalMgr = session.getPrincipalManager();
Principal john = principalMgr.lookupPrincipal("john");

acMgr.addAccessControlEntry("/foo/bar", john, privileges);
  • No labels