> On 21 Feb 2008, at 22:25, Vidar Ramdal wrote: > > Does anyone have a working example of configuring Sling to using an > > external LDAP server for authentication? On 2/21/08, Torgeir Veimo <[EMAIL PROTECTED]> wrote: > I'd assume this is sort of orthogonal to Sling at the moment? > > One option would be to employ something like Spring security or > SecurityFilter with an appropriate LDAP realm impl. This would make > sure all requests would return something sane in the > getUserPrincipal() and isUserInRole() calls. You could then code > accordingly in your Sling components.
I see. But using a servlet filter would not enforce security on the JCR itself. Perhaps it would be easier to setup Jackrabbit with LDAP, and then handle authorization issues when Sling connects to Jackrabbit. -- Vidar S. Ramdal <[EMAIL PROTECTED]> - http://www.idium.no Akersgata 16, N-0158 Oslo, Norway
