You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@jackrabbit.apache.org by Fran Diaz <fr...@gmail.com> on 2009/01/02 08:50:38 UTC
Re: Jackrabbit Security Authentication Policy

And is also working for me.

Lot of thanks.

2008/12/28 Savvas Triantafyllou <sa...@gmail.com>

> Hello,
>
> > Hello. I'm trying to deploy Jackrabbit 1.5.0 via JCA resource adapter in
> > JBoss 4.2.3. I don't want any access control to the repository, therefore
> I
> > just left the default security config in the repository.xml as follows:
> >
> >    <Security appName="Jackrabbit">
> >        <SecurityManager
> > class="org.apache.jackrabbit.core.security.simple.SimpleSecurityManager"
> > workspaceName="security">
> >        </SecurityManager>
> >        <AccessManager
> > class="org.apache.jackrabbit.core.security.simple.SimpleAccessManager">
> >        </AccessManager>
> >        <LoginModule
> > class="org.apache.jackrabbit.core.security.simple.SimpleLoginModule">
> >           <param name="anonymousId" value="anonymous"/>
> >           <param name="adminId" value="admin"/>
> >        </LoginModule>
> >    </Security>
> >
> > The problem is that Jackrabbit ignores it and is using instead the
> > UsersRolesLoginModule, that is, the JBoss default JAAS authentication.
>
>
> The problem is that Jboss always returns an application configuration entry
> for a specific appName. Thus, Jackrabbit will always get a JAAS
> Configuration entry.
>
> Since Security element is mandatory in repository.xml,
> try to add the following to the
> JBOSS_HOME/server/default/conf/login-conf.xml file
>
> <application-policy name = "Jackrabbit">
>
>       <authentication>
>
>          <login-module code =
> "org.apache.jackrabbit.core.security.SimpleLoginModule"
>
>             flag = "required" />
>
>       </authentication>
>    </application-policy>
>
> It has worked for me.
>
> >
> > Maybe I'm doing something wrong. Can anybody help me please?
> >
> > I have another question. If I have three workspaces, do I have to write
> > both
> > three <SecurityManager> declarations for each workspace?. For example:
> >
> > <SecurityManager
> > class="org.apache.jackrabbit.core.security.simple.SimpleSecurityManager"
> > workspaceName="workspace1"/>
> > <SecurityManager
> > class="org.apache.jackrabbit.core.security.simple.SimpleSecurityManager"
> > workspaceName="workspace2"/>
> > <SecurityManager
> > class="org.apache.jackrabbit.core.security.simple.SimpleSecurityManager"
> > workspaceName="workspace3"/>
>
>
> Check http://wiki.apache.org/jackrabbit/JackrabbitOnJbossSecurity for
> more details on the issue
>
> Savvas Triantafyllou
>
> >
>