jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cech. Ulrich" <Ulrich.C...@aeb.de>
Subject UserManagement
Date Mon, 22 Feb 2010 16:24:26 GMT
Hello to all,

I played around with the "Authentication" methods in JackRabbit.
For a future production environment, I need some hints for following issues:

1. How can I change the password for the admin user? I read, that the admin user is important,
because JackRabbit otherwise cannot access some system nodes in the repo. But I don't find
a property for setting the password. If I look at the implementation it seems the the adminId
is equal to the password.
Or would it be a option to set the adminId to some "generated value", so no one would guess
this account?
Is there a "best practice"?

2. How do I remove the anonymous account? It is important, that only one user can even read
his "section", but not other "sections" of the repository, so anonymous would be a security
hit, because anonymous can read the whole repository.

3. I don't find a method for reading all "registered" users in the repository. I tried to
access the path "/rep:security/rep:authorizables/rep:users" but this node does not exist (or
I made some other mistake).

Thanks in advance for any help,
Ulrich


Treffen Sie AEB vom 2.-4. M?rz 2010 auf der LogiMAT in Stuttgart. Halle 5, Stand 407.
Weitere Informationen und Terminvereinbarung unter: www.aeb.de/logimat

Mime
View raw message