||Implementation of the
AccessControlProvider interface that
is used to protected the 'security workspace' containing the user and
UserImporter implements a
DefaultProtectedPropertyImporter that is able to deal with
user/group content as defined by the default user related node types present
The importer is intended to be used by applications that import user content
extracted from another repository instance and immediately persist the
imported content using
||Inner class defining the treatment of membership or impersonator
values pointing to non-existing authorizables.
||Default implementation of the
UserManager interface with the
Users and Groups are stored in the repository as JCR nodes.
Users are created below
UserConstants.GROUPS_PATH (unless otherwise configured).
The Id of an authorizable is stored in the jcr:uuid property (md5 hash).
In order to structure the users and groups tree and avoid creating a flat
hierarchy, additional hierarchy nodes of type "rep:AuthorizableFolder" are
the specified intermediate path passed to the create methods
or some built-in logic if the intermediate path is missing.
The built-in logic applies the following rules:
The names of the hierarchy folders is determined from ID of the
authorizable to be created, consisting of the leading N chars where N is
the relative depth starting from the node at
By default 2 levels (depth == 2) are created.
Parent nodes are expected to consist of folder structure only.
If the ID contains invalid JCR chars that would prevent the creation of
a Node with that name, the names of authorizable node and the intermediate
hierarchy nodes are
Creating an non-existing user with ID 'aSmith' without specifying an
intermediate path would result in the following structure:
||Derived UserManager implementation that allows to switch between autosaving
and transient change mode.