jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@day.com>
Subject Re: AW: UserManagement
Date Tue, 23 Feb 2010 11:48:42 GMT
Cech. Ulrich wrote:
> Hi Angela,
> <Authorizable#remove>
> But the next start of the repository, the anonymous account
> is automatically recreated although the anonymous "account"
> is commented out in repository.xml.
> I tried this already. After "restart" of the repository,
> I could login with "anonymous" again. I think this is some
> Build-in functionality of Jackrabbit.

a yes. that's right... the default always creates the
admin and anonymous user. so either have to prevent
the anonymous from login (changing pw or change permissions of
the everyone or anonymous principal depending on your ac) or
provide your own security manager that doesn't create the anonymous.

> <there is no API method for that. but with the user manager
> implementation in JR it should work with the following...>
> Ok, that worked. Thanks.
> But how do you get the properties of an Authorizable?

what properties are you talking about?
the API call Authorizable#getProperty et al. only deal with
non-protected JCR properties that are modifiable by the
corresponding set methods... for the other props the corresp.
API calls should be used.
if you want to look at the properties in the regular item
hierarchy you have to navigate to the corresponding node.
NOTE: depending on your configuration the users may be stored
in a separate workspace.

> <User#changePassword>
> Yes, the changing works, but I want to verify the old password
> Like shown in the SLING-code, 

but this is the jackrabbit-users list.
if you want the API to expose a changePw(old, new) method, please
create a corresponding enhancement request.

> but the same problem as before,
> no properties nor the propertyNames are returned to verify
> against.

see above.


View raw message