Assume that our CQ system is developed for a Manufacturer and they has to deal with different Dealers, all of whom need to get access to the site. For this purpose all dealers required a login credentials and permission to access their CRX system. This can be achieved by following the steps below.
Step 1 : Create Username and password using your own logic.
Step 2 : Create UserManager Object.
org.apache.jackrabbit.api.security.user.UserManager;
UserManager userManager = resolver.adaptTo(UserManager.class);
Step 3: Create User with username and password. Before creating a User we can create a group (for example: Dealer Group), where we can add all the dealers (Users) .By providing permissions to the group ,all the users in the group will get the same permissions.
3.1 Create a Group and User
Group group=userManager.createGroup("Dealer Group");
User user = userManager.createUser(name, password);
3.2 Add Users to Group.
Authorizable authUser = userManager.getAuthorizable(user.getID());
group.addMember(authUser);
Step 4 : Provide permissions to Group.
AccessControlManager accCtrlMgr = session.getAccessControlManager();
JackrabbitSession jcrSession = (JackrabbitSession) session;
PrincipalManager principalMgr = jcrSession.getPrincipalManager();
Principal groupPrincipal = principalMgr.getPrincipal(group);
Privilege[] privileges = new Privilege[] { accCtrlMgr.privilegeFromName(Privilege.JCR_ALL) };
Step 5 : Set privileges to particular path
AccessControlList acl = accCtrlMgr.getApplicablePolicies(path).nextAccessControlPolicy();
acl.addAccessControlEntry(groupPrincipal, rootNodePrivilege);
accCtrlMgr.setPolicy(path, acl);
session.save();