jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Klimetschek <aklim...@day.com>
Subject Re: Security Configurations in Repository.xml
Date Wed, 19 Aug 2009 10:06:52 GMT
On Wed, Aug 19, 2009 at 11:39 AM, simer anand<simer.anand88@gmail.com> wrote:
>                    As i move to
> "http://localhost:8080/jackrabbit-webapp-1.5.6/repository/default" then
> without requiring an particular user name and password it allow access to
> repository with full authorizations. For that i started with JAAS tutorials
> and their sample programs, i read about them and then tried them & they
> executed fine . Till this everything is fine now issue is this i really
> don't know how to link JAAS authenticating programs with repository(
> configure repository.xml ) .

JAAS (and the LoginModule) only covers authentication, not authorization.

For authorization you have to provide you either use the new access
control as specified by the upcoming JCR 2.0 (JSR-283), which is
already implemented in Jackrabbit 1.5 (DefaultAccessManager) or write
your own AccessManager. See the jackrabbit mailing lists for more on
that (apart from the jsr-283 spec, it is currently the place for
documentation), eg.

http://markmail.org/message/aewzhztsiyrqfczm
http://markmail.org/message/lyg6ed4zlqozgzeo
http://markmail.org/message/mdr4o7xgtmny3o7l

Regards,
Alex

-- 
Alexander Klimetschek
alexander.klimetschek@day.com

Mime
View raw message