hi hugh On 10/18/05, Hugh Ross <[EMAIL PROTECTED]> wrote: > I am writing an server-side application which will use JackRabbit to > serve out files to a Python client. > Authentication will be via an LDAP server. > I only want the client to have to authenticate once per session as > opposed to once per request. > > What is the best way of doing this? > (I won't be using Servlets so will not be able to store the JackRabbit > Session object in the servlet's HttpSession object, nor will I be using > Stateful Session EJBs) > > I was thinking of using some sort of token which is generated on > successful log in and then stored in the database. The token would then > be passed for every subsequent request (using the setAttribute() method > of the SimpleCredentials object) > I would then need to override the RepositoryImpl.login method to check > the token passed against the database to ensure that it is a valid request. > > Can anybody think of a better way of doing this?
there's no need to override the RepositoryImpl.login method. all you have to do is writing a custom LoginModule. see o.a.j.c.s.SimpleLoginModule (the login method specifically) for an example. cheers stefan > > Many thanks in advance for your help. > > Hugh > > >
