LDAP Configuration issues :-/

[ippon <ch...@tomcat.de>]

Hello!

I'm quite new to JackRabbit, but have to implement LDAP authentication &
authorization for a JackRabbit repository within an JEE project (using
currently JackRabbit 2.6.5 & JBoss).

What I did up to now:
- Configuration of DefaultSecurityManager with SimpleWorkspaceAccessManager
  (the only way to get access to the "default" workspace with LDAP!?)
- Configuration of DefaultAccessManager
- Configuration of LdapLoginModule
  (Access to LDAP works in principle!)

My problem(s):

1.) Importing of the content model into an empty repository with CndImporter
seems to work only with the SimpleAccessManager (which is by fact no
security at all)!? 
That's more an "cosmetic" issue, but if there's a way around it would be
really nice...

2.) Whenever I try to create an object within the repository with
LdapLoginModule & DefaultAccessManager, I run into an exception
"javax.jcr.AccessDeniedException: cannot read item
cafebabe-cafe-babe-cafe-babecafebabe" - which is as far as I could see in
the debugger, because JackRabbit tries to read the root node, finds no ACL
(just a hypothesis) and refuses therefore the access to this node!?

What works fine but is quite too simple for my needs, is creating &
accessing the repository with SimpleSecurityManager & SimpleAccessManager &
LdapLoginModule; in this case the authentication will be done via LDAP, but
then there is no further restriction of access according to ACLs :-/

So, I would be very happy for some hints regarding proper bootstrapping a
JackRabbit repository with configured LDAP security.

Thanks in advance,
Christian



--
View this message in context: http://jackrabbit.510166.n4.nabble.com/LDAP-Configuration-issues-tp4661266.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.