jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcel Reutegger (JIRA)" <j...@apache.org>
Subject [jira] Created: (JCR-81) Implement anonymous login with credentials
Date Thu, 24 Mar 2005 16:40:27 GMT
Implement anonymous login with credentials
------------------------------------------

         Key: JCR-81
         URL: http://issues.apache.org/jira/browse/JCR-81
     Project: Jackrabbit
        Type: Bug
  Components: security  
 Environment: svn revision: 158911
    Reporter: Marcel Reutegger
    Priority: Minor


Jackrabbit currently implements anonymous login by detecting a null credentials argument on
login. This is actually not compliant to the specification.

<spec>
If credentials is null, it is assumed that authentication is handled by a mechanism external
to the repository itself (for example, through the JAAS framework) and that the repository
implementation exists within a context (for example, an application server) that allows it
to handle authorization of the request for access to the specified workspace.
</spec>

Jackrabbit should rather support anonymous login with a defined credential, either some subclass
of SimpleCredentials or a predefined / known userId that has read-only access.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


Mime
View raw message