Ok So do we need to use JAAS security with Jackrabbit? We need to have the locking/checkout functionality work in the context of the actual user who performed the operation. For prototyping purposes we were using the SimpleCredentials with a user "bogus". How do we make the leap to have each session associated with the User?
This organization has a security mechanism in place that we must use. We have a lightweight user object with a username and the user's role. Do I need to build some sort of bridge between our system and JAAS? Right now we are using org.springmodules.jcr.JcrSessionFactory to generate session -- one of its configurations in Credentials. Do I need to wire in a custom factory for Credentials? I just need to be pointed in the right direction. thanx. -- --------------------- Michael Harris
