jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Odie1001 <gavin.w...@htk.co.uk>
Subject Re: Removing Jacrabbit Login
Date Tue, 20 Oct 2009 13:13:54 GMT

Hi Alexander

THanks for the info. We are coding around this issue now.

Thanks for the quick responce.

Gavin



Alexander Klimetschek wrote:
> 
> On Mon, Oct 19, 2009 at 12:53, Odie1001 <gavin.wood@htk.co.uk> wrote:
>> I have setup a JCR repository in TOMCAT 6 and it is working fine. We are
>> using the default setup where to access a repository a username and
>> password
>> is required (but it can be anything).
>>
>> We have a thirdparty app that is trying to retreive an xml doc stored in
>> this repository however there is no way for this app to pass a username
>> and
>> password prameter to the repository.
> 
> Why? How is it accessing the JCR? Using the JCR API remotely? Or using
> webdav? All access methods that I know provide a way to pass the
> credentials. If you use a custom server interface, you can use "admin"
> credentials there (albeit I would not recommend that, rather always
> try to do end-user login the whole way).
> 
>> Is there away to remove the login security for Jackrabbit so that
>> the app can retreive the xml file?
> 
> As you said, it can be anything, I guess you use a Jackrabbit pre-1.5
> with SimpleLoginModule that only separates between "admin",
> "anonymous" and other users, allowing all passwords. This is already a
> reduced security. Otherwise there is no way to go around a login, as
> the JCR API requires a login to acquire a session.
> 
> Regards,
> Alex
> 
> -- 
> Alexander Klimetschek
> alexander.klimetschek@day.com
> 
> 

-- 
View this message in context: http://www.nabble.com/Removing-Jacrabbit-Login-tp25956293p25974867.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.


Mime
View raw message