You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by digby <li...@digby.net> on 2005/09/08 13:18:16 UTC

Jackrabbit security

I appreciate that security isn't an important feature of Jackrabbit at 
this point, but does anyone have any pointers (links?) to how one would 
go about integrating Jackrabbit with Tomcat's security, preferably 
without implementing a custom JAAS solution.

I've read the JCR spec on the subject, but it's a bit thin about how to 
use a container's security if you pass null as the Credentials to 
Repository.login.

I've passed the Request.getRemoteUser to the SimpleCredentials, but I'd 
like to try and implement some role based authorisation with the 
AccessManager.

Thanks in advance.

Digby