On Mon, Oct 19, 2009 at 12:53, Odie1001 <[email protected]> wrote: > I have setup a JCR repository in TOMCAT 6 and it is working fine. We are > using the default setup where to access a repository a username and password > is required (but it can be anything). > > We have a thirdparty app that is trying to retreive an xml doc stored in > this repository however there is no way for this app to pass a username and > password prameter to the repository.
Why? How is it accessing the JCR? Using the JCR API remotely? Or using webdav? All access methods that I know provide a way to pass the credentials. If you use a custom server interface, you can use "admin" credentials there (albeit I would not recommend that, rather always try to do end-user login the whole way). > Is there away to remove the login security for Jackrabbit so that > the app can retreive the xml file? As you said, it can be anything, I guess you use a Jackrabbit pre-1.5 with SimpleLoginModule that only separates between "admin", "anonymous" and other users, allowing all passwords. This is already a reduced security. Otherwise there is no way to go around a login, as the JCR API requires a login to acquire a session. Regards, Alex -- Alexander Klimetschek [email protected]
