2009/12/16 Zhenhua Guo <[email protected]>: > Basically, it says admin user has id "anonymous" which is default user > id used by Jackrabbit when the program does not provide a credential > (when invoking "repository.login()") > Is that correct?
I do not know exactly how JAAS work but using Repository#login() in Jackrabbit allows to create a session with the current authenticated user. IIUC if no authentication has been successful anonymous user is used. Chances are that you do not use JAAS, therefore I recommend you to use explicit Credentials where the username is not the anonymousId (I was just pointing the fact that this id is configurable). IIRC the user name is useful for access management (restrict access or actions to nodes) and for storing the lock's owner. You may therefore want to open session depending on the current user to use these features. -- Sébastien Launay
