Pli*_*kin 3 xml spring alfresco alfresco-share
我正在使用最新版本的Alfresco 5.0.a.我遵循了维基指南关于限制Alfresco网站创建的权限.我只希望Alfresco管理员能够创建它们.我遵循了Alfresco Wiki的指南:
在Alfresco 3.4.6及更高版本中控制站点创建权限
在Alfresco版本3.4.6(及更高版本)和4.0中,站点根目录上的权限已更改.要确保仅在站点根目录中创建"站点"对象,已从"站点"根目录中删除">""贡献者"权限,现在将在"站点服务"本身上处理"站点创建">"权限".
对于Alfresco 4.0,要更改谁能够创建站点,您需要更改spring> context以设置权限.一种方法是更改alfresco/public-services-security-context.xml文件(在webapps/alfresco/WEB-INF/classes/alfresco/public-services-security-context.xml中的默认安装中)
改变
org.alfresco.service.cmr.site.SiteService.createSite = ACL_ALLOW
至
org.alfresco.service.cmr.site.SiteService.createSite = ACL_METHOD.ROLE_ADMINISTRATOR
我找到了另一个Spring文件,类似于wiki中的文件,位于$ TOMCAT_HOME/shared/classes/alfresco/extension/unsecured-public-services-security-context.xml
但我没有找到那些Spring bean系列.所以我添加了这段代码:
<bean id="SiteService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="accessDecisionManager">
<ref local="accessDecisionManager"/>
</property>
<property name="afterInvocationManager">
<ref local="afterInvocationManager"/>
</property>
<property name="objectDefinitionSource">
<value>
org.alfresco.service.cmr.site.SiteService.createSite=ACL_METHOD.ROLE_ADMINISTRATOR
org.alfresco.service.cmr.site.SiteService.*=ACL_ALLOW
</value>
</property>
</bean>
我得到了这个(以及许多其他例外,但可能这是最有趣的一个)
我添加了catalina.out可能有趣的异常:
2014年7月17日下午11:59:38 org.apache.catalina.core.StandardContext listenerStart SEVERE:将上下文初始化事件发送到类org.alfresco.web.app.ContextLoaderListener org.springframework.beans.factory.parsing的侦听器实例的异常.BeanDefinitionParsingException:配置问题:无法从URL位置导入bean定义[classpath:alfresco/application-context.xml]违规资源:ServletContext资源[/WEB-INF/web-application-context.xml]; 嵌套异常是org.springframework.beans.factory.parsing.BeanDefinitionParsingException:配置问题:无法从URL位置导入bean定义[classpath*:alfresco/extension/* - context.xml]违规资源:类路径资源[alfresco/application -context.xml]; 嵌套异常是org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException:来自文件的XML文档中的第29行[/opt/alfresco-5.0.a/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/extension/public- services-security-context.xml]无效; 嵌套异常是org.xml.sax.SAXParseException; lineNumber:29; columnNumber:9; 标识符为"afterInvocationManager"的元素必须出现在文档中.
我不知道该怎么办.我找不到public-services-security-context.xml Spring文件.尽管我找到了类似的文件,但指南中提出的任何更改都是无用的.有什么想法吗?非常感谢你.我最好的问候.
Mattia Parise
这里有这个更具体实现的例子: https://forums.alfresco.com/forum/end-user-discussions/alfresco-share/siteservicesecurity-bean-override-causes-severe-error
具体来说,您需要将文件添加到shared/classes/alfresco/extension/tomcat实例中的文件夹中,该文件名类似于custom-public-services-security-context.xml.添加Alfresco wiki中提到的相应bean定义,重启Alfresco并瞧.
您可能还需要根据说明从site-services-context.xml覆盖bean定义,这样做的方式大致相同.
作为参考,所需的文件更改如下:http: //wiki.alfresco.com/wiki/Site_Service#Controlling_who_can_create_sites
对于Alfresco 5.0.a,我特意添加了以下文件shared/classes/alfresco/extension/.
custom-public-services-security-context.xml:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<bean id="SiteService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
<property name="afterInvocationManager"><ref bean="afterInvocationManager"/></property>
<property name="objectDefinitionSource">
<value>
org.alfresco.service.cmr.site.SiteService.cleanSitePermissions=ACL_NODE.0.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.createContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.createSite=ACL_METHOD.ROLE_ADMINISTRATOR
org.alfresco.service.cmr.site.SiteService.deleteSite=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.findSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.getContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.listContainers=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.getMembersRole=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.getMembersRoleInfo=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.resolveSite=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.getSite=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.getSiteShortName=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.getSiteGroup=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.getSiteRoleGroup=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.getSiteRoles=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.getSiteRoot=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.hasContainer=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.hasCreateSitePermissions=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.hasSite=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.isMember=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.listMembers=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.listMembersInfo=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.listMembersPaged=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.listSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.listSitesPaged=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
org.alfresco.service.cmr.site.SiteService.removeMembership=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.canAddMember=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.setMembership=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.updateSite=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.countAuthoritiesWithRole=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.isSiteAdmin=ACL_ALLOW
org.alfresco.service.cmr.site.SiteService.*=ACL_DENY
</value>
</property>
</bean>
</beans>