jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@day.com>
Subject Re: Problem with webdav and system user
Date Fri, 26 Oct 2007 08:10:36 GMT
hi nick

from what i see in your web.xml you have the missing-auth-mapping
set to <param-value>anonymous:anonymous</param-value>.
you are never be prompted for authentication, right?

so, you always get a session for the anonymous user when
requesting through the webdav server.
and i would assume, that the anonymous user does not have
write permission.

if this is the reason for you problem, i would suggest, that
you either omit the missing-auth-mapping parameter or set
the param-value to define the userId/password of a user that
has write permission.

hope that helps
angela



nick_stolwijk@planet.nl wrote:
> In our application we have Jackrabbit 1.3.1. We try to get write rights through webdav,
but can't get it right. In our repository.xml we have the following security section:
> 
> 	<Security appName="Jackrabbit">
> 		<!--
> 			access manager:
> 			class: FQN of class implementing the AccessManager interface
> 		-->
> 		<AccessManager
> 			class="org.apache.jackrabbit.core.security.SimpleAccessManager">
> 			<!-- <param name="config" value="${rep.home}/access.xml"/> -->
> 		</AccessManager>
> 
> 		<LoginModule
> 			class="org.apache.jackrabbit.core.security.SimpleLoginModule">
> 			<!-- anonymous user name ('anonymous' is the default value) -->
> 			<param name="anonymousId" value="anonymous" />
> 			<!--
> 				default user name to be used instead of the anonymous user
> 				when no login credentials are provided (unset by default)
> 			-->
> 			<!-- <param name="defaultUserId" value="superuser"/> -->
> 		</LoginModule>
> 	</Security>
> 
> And our web.xml is also configured:
>     <servlet>
>         <servlet-name>Webdav</servlet-name>
>         <description>The webdav servlet that connects HTTP request to the repository.</description>
>         <servlet-class>nl.ourcompany.servlet.SimpleWebdavServlet</servlet-class>
> 
>         <init-param>
>             <param-name>resource-path-prefix</param-name>
>             <param-value>/repository</param-value>
>             <description>defines the prefix for spooling resources out of the repository.</description>
>         </init-param>
> 
>         <init-param>
>             <param-name>missing-auth-mapping</param-name>
>             <param-value>anonymous:anonymous</param-value>
>             <description>
>                 Defines how a missing authorization header should be handled. 1) If this
init-param is missing, a 401 response is generated. This is suiteable for clients (eg.
>                 webdav clients) for which sending a proper authorization header is not
possible if the server never sent a 401. 2) If this init-param is present with an empty
>                 value, null-credentials are returned, thus forcing an null login on the
repository. 3) If this init-param has a 'user:password' value, the respective simple
>                 credentials are generated.
>             </description>
>         </init-param>
> 
>         <!--
>             Optional parameter to define the value of the 'WWW-Authenticate' header
>         -->
>         <!--
>             <init-param>
>             <param-name>authenticate-header</param-name>
>             <param-value>Basic realm="Jackrabbit Webdav Server"</param-value>
>             <description>
>             Defines the value of the 'WWW-Authenticate' header.
>             </description>
>             </init-param>
>         -->
>         <!--
>             Parameter used to configure behaviour of webdav resources such as:
>             - destinction between collections and non-collections
>             - resource filtering
>         -->
>         <init-param>
>             <param-name>resource-config</param-name>
>             <param-value>/WEB-INF/jcr-webdav-config.xml</param-value>
>             <description>Defines various dav-resource configuration parameters.</description>
>         </init-param>
>         <load-on-startup>4</load-on-startup>
>     </servlet>
> 
> Where the servlet-class is a straight copy of the Jackrabbit class.
> 
> With this configuration we are able to list the files in a WebDAV browser (like Konquerer),
for example on webdav://localhost/context/repository/default. Also, when we try to log on
with system (webdav://system@localhost/context/repository/default) we get the listing, but
we are not allowed to do any file modification (move, delete, create, adjust).
> 
> In earlier versions of Jackrabbit we were allowed to do file modifications. Is this changed
somehow? And how can we change files through webdav at the moment?
> 
> With regards,
> 
> Nick Stolwijk
> 

Mime
View raw message