Ok, after many trials and tribulations, I've finally got a standalone JackRabbit "daemon" that makes a (or multiple) Jackrabbit repositories available via RMI, and I've got the jcr-contrib code to provide WebDAV access to it (and I've even written some standalone programs that connect via RMI, do things, and then save & disconnect). It's been a "learning experience" :-)
What I can't seem to figure out is how to restrict access to the repository (or the data therein) in any way. At present, if I connect using DAV Explorer (or WinXP, or Novell NetDrive), it pops up a request for a username and password, but it accepts anything - any username and any password. There seems to be no authentication of usernames, and the only evidence of any authorization code that I've seen is that, if one sets the "anonymousId" to "anonymous" and then logs in as "anonymous", you get a read-only view instead of full read-write. Now, according to http://incubator.apache.org/jackrabbit/xref/org/apache/jackrabbit/core/s ecurity/SimpleLoginModule.html#124 it looks rather like security is just one of the things on the "to do" list, and has yet to be addressed. Is this true, or am I missing something. I'd like to be able to have some form of username/password authentication and authorization going on (ultimately, I'd like to use LDAP), but I currently see no way of doing this with the current code. Is this not possible with the current codebase? I'd appreciate any hints as to what to do / look at next... Thanks, Peter _____________________________________________________________________ This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com
