You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@jackrabbit.apache.org by Marco Filosi <ma...@blu-labs.com> on 2010/06/23 15:16:43 UTC
Anonymous User Autocreation
Hi,
I removed the anonymous user but when I restart the servlet container (e.g.
tomcat) the anonymous user is recreated. I need to know how I can remove
anonymous user permanently if it is possible.
Here below I explain the steps followed:
1. Get a list of users by calling curl -X GET
http://localhost:8080/sling/system/userManager/user.tidy.1.json
2. By default the unique users in a new system are: admin and anonymous.
3. Remove anonymous user by calling curl -Fgo=1
http://localhost:8080/sling/system/userManager/user/anonymous.delete.html
4. Get a list of users and this time I have only admin user as I want.
5. Restart servlet container tomcat
6. Get a list of users and this time with the admin user appears also the
anonymous user.
What is the best way to prevent the anonymous user autocreation?
Cheers,
Marco
Re: Anonymous User Autocreation
Posted by Angela Schreiber <an...@day.com>.
hi marco
> What is the best way to prevent the anonymous user autocreation?
currently there is no way to prevent the autocreation of the
anonymous user except for writing a custom security manager.
for jackrabbit 2.2 we will add a disable-user functionality
that will allow to prevent users from login into the repository
without having to remove them altogether (see
https://issues.apache.org/jira/browse/JCR-2635)
regards
angela