jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Edelson <justinedel...@gmail.com>
Subject Re: Security on JR through Webdav
Date Wed, 11 Apr 2012 11:54:04 GMT
What do you mean by 'ACLs don't work through WebDAV'? The repository enforces ACLs regardless
of client type/protocol.


On Apr 11, 2012, at 6:57 AM, Francisco Carriedo Scher <fcarriedos@gmail.com> wrote:

> Hi there,
> regarding security on Webdav accessed JR repositories i would like to hear
> expertise opinions as access control is very permissive by default (and
> ACLs don't work through Webdav).
> About authentication, what would be necessary in order to authenticate all
> kinds of access?? (i.e.: opening a session with read / write permissions
> through Java code and access through the web browser too). Would suffice
> creating a custom access manager? I did it previously but i don't know if
> this is the best practice...
> Any orientation (or expertise opinion) about the right way of providing
> authentication and authorization on webdav accessed JR repositories will be
> appreciated.
> Thanks in advance for your time!

View raw message