I appreciate that security isn't an important feature of Jackrabbit at
this point, but does anyone have any pointers (links?) to how one would
go about integrating Jackrabbit with Tomcat's security, preferably
without implementing a custom JAAS solution.
I've read the JCR spec on the subject, but it's a bit thin about how to
use a container's security if you pass null as the Credentials to
Repository.login.
I've passed the Request.getRemoteUser to the SimpleCredentials, but I'd
like to try and implement some role based authorisation with the
AccessManager.
Thanks in advance.
Digby
