Create the secured repository layer over this SQL repository. The secured repository’s XML definition file looks like this:
<!-- secured-test-repository.xml --> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <!DOCTYPE secured-repository-template PUBLIC "-//Art Technology Group, Inc.//DTD Dynamo Security//EN" "http://www.atg.com/dtds/security/secured_repository_template_1.1.dtd"> <secured-repository-template> <item-descriptor name="test_items"> <!-- The ACL that applies to the item view/descriptor --> <descriptor-acl value="Admin$role$administrators-group: read,write,create,delete;Admin$role$everyone-group:read"/> <!-- The property where the ownership is stored --> <owner-property name="item_owner"/> <!-- The property where ACL is stored in --> <acl-property name="item_acl"/> <!-- An ACL fragment that is assigned to all new items --> <creation-base-acl value="Admin$role$administrators-group: read,write,list,destroy,read_owner,write_owner,read_acl,write_acl; Admin$role$everyone-group:read,list"/> <!-- Access rights assigned to the owner when an item is created --> <creation-owner-acl-template value="$:read,write,list,destroy"/> <!-- Access rights assigned to all owner groups when an item is created. WARNING: This feature can be dangerous. --> <creation-group-acl-template value="$:read,list"/> <property name="secured_property"> <!-- The ACL that applies to this property across all repository items --> <descriptor-acl value="Admin$role$administrators-group: read,write;Admin$role$everyone-group:read"/> <!-- The name of the item property where this property's ACL is stored. --> <acl-property name="secured_property_acl"/> <!-- An ACL fragment assigned to this property when an item is created. --> <creation-base-acl value="Admin$role$administrators-group:read,write"/> <!-- Access rights assigned to the owner when an item is created --> <creation-owner-acl-template value="$:read,write"/> <!-- Access rights assigned to all owner groups when an item is created. WARNING: This feature can be dangerous. --> <creation-group-acl-template value="$:read,write"/> </property> </item-descriptor> </secured-repository-template>