Brian Moseley wrote:
Jackrabbit uses JAAS internally to authenticate access to its repository, so my first attempt at integration was providing a custom LoginModule implemented using Acegi Security.
i've since been reminded that the JCR spec allows us to bypass the JCR implementation's internal authentication, and i've reimplemented my server to do just that. so i no longer need the custom LoginModule i developed.
Brian, are you able to share how you have achieved this?
(I presume it is something to do with AccessControlContext but I don't know enough about that stuff as yet).
that's it exactly.
first i create a Subject containing the relevant principals and credentials, then:
PrivilegedAction action = new PrivilegedAction() {
public Object run() {
try {
return repository.login(workspaceName);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
};
Session rs = (Session) Subject.doAs(subject, action);
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
