Yes, got you, thanks.
Based on your suggestion, following xml configuration should work to
make everyone able to add nodes.
<LoginModule class="org.apache.jackrabbit.core.security.SimpleLoginModule">
<!-- anonymous user name ('anonymous' is the default value) -->
<param name="anonymousId" value="some_other_id"/>
<param name="adminId" value="anonymous"/>
</LoginModule>
Basically, it says admin user has id "anonymous" which is default user
id used by Jackrabbit when the program does not provide a credential
(when invoking "repository.login()")
Is that correct?
Gerald
On Wed, Dec 16, 2009 at 3:35 AM, Sébastien Launay
<[email protected]> wrote:
> Hi,
>
> 2009/12/16 Zhenhua Guo <[email protected]>:
>> Thanks.
>> IMHO, guest and anonymous user are the same (in terms of privileges).
>> My solution is to use admin id,
>> SimpleCredentials adminCred = new
>> SimpleCredentials("admin", new char[0]);
>> repoSession = repository.login(adminCred);
>>
>> Access control is done in higher level.
>
> What i was trying to say is that for SimpleLoginModule there is two
> kinds of people :).
> The anonymous identified by the parameter anonymousId (configured by default
> to
> 'anonymous' username) with limited privileges and the others which
> full privileges.
>
> In your example 'admin' is part of the others kind and therefore can add node.
>
> --
> Sébastien Launay
>
