In our application we have Jackrabbit 1.3.1. We try to get write rights through
webdav, but can't get it right. In our repository.xml we have the following
security section:
<Security appName="Jackrabbit">
<!--
access manager:
class: FQN of class implementing the AccessManager
interface
-->
<AccessManager
class="org.apache.jackrabbit.core.security.SimpleAccessManager">
<!-- <param name="config"
value="${rep.home}/access.xml"/> -->
</AccessManager>
<LoginModule
class="org.apache.jackrabbit.core.security.SimpleLoginModule">
<!-- anonymous user name ('anonymous' is the default
value) -->
<param name="anonymousId" value="anonymous" />
<!--
default user name to be used instead of the
anonymous user
when no login credentials are provided (unset
by default)
-->
<!-- <param name="defaultUserId" value="superuser"/> -->
</LoginModule>
</Security>
And our web.xml is also configured:
<servlet>
<servlet-name>Webdav</servlet-name>
<description>The webdav servlet that connects HTTP request to the
repository.</description>
<servlet-class>nl.ourcompany.servlet.SimpleWebdavServlet</servlet-class>
<init-param>
<param-name>resource-path-prefix</param-name>
<param-value>/repository</param-value>
<description>defines the prefix for spooling resources out of the
repository.</description>
</init-param>
<init-param>
<param-name>missing-auth-mapping</param-name>
<param-value>anonymous:anonymous</param-value>
<description>
Defines how a missing authorization header should be handled.
1) If this init-param is missing, a 401 response is generated. This is
suiteable for clients (eg.
webdav clients) for which sending a proper authorization header
is not possible if the server never sent a 401. 2) If this init-param is
present with an empty
value, null-credentials are returned, thus forcing an null
login on the repository. 3) If this init-param has a 'user:password' value, the
respective simple
credentials are generated.
</description>
</init-param>
<!--
Optional parameter to define the value of the 'WWW-Authenticate'
header
-->
<!--
<init-param>
<param-name>authenticate-header</param-name>
<param-value>Basic realm="Jackrabbit Webdav Server"</param-value>
<description>
Defines the value of the 'WWW-Authenticate' header.
</description>
</init-param>
-->
<!--
Parameter used to configure behaviour of webdav resources such as:
- destinction between collections and non-collections
- resource filtering
-->
<init-param>
<param-name>resource-config</param-name>
<param-value>/WEB-INF/jcr-webdav-config.xml</param-value>
<description>Defines various dav-resource configuration
parameters.</description>
</init-param>
<load-on-startup>4</load-on-startup>
</servlet>
Where the servlet-class is a straight copy of the Jackrabbit class.
With this configuration we are able to list the files in a WebDAV browser (like
Konquerer), for example on webdav://localhost/context/repository/default. Also,
when we try to log on with system (webdav://[EMAIL
PROTECTED]/context/repository/default) we get the listing, but we are not
allowed to do any file modification (move, delete, create, adjust).
In earlier versions of Jackrabbit we were allowed to do file modifications. Is
this changed somehow? And how can we change files through webdav at the moment?
With regards,
Nick Stolwijk
