I have, with much appreciatied help from the mailing list, created my own LoginModule which logs the user in with a Principal created from the user name of the container login. This works and the user can read the repository, but
session.getRootNode().addNode(name, NodeType.NT_FOLDER) fails with a security exception javax.jcr.AccessDeniedException: Access denied. Debugging reveals that authorization fails as Permission.NODE_TYPE_MNGMT is required to create a child node with a specified node type. Node containerNode = session.getRootNode().addNode(name); containerNode.setPrimaryType(NodeType.NT_FOLDER); yields the same result (not surprising). What's the best way to deal with this? Adding Permission.NODE_TYPE_MNGMT for a user role/group on the root node? That doesn't feel quite right as there are system nodes under the root nodes that shouldn't be included in the permissions. ----- ____________________________________________________________ Nils Weinander -- View this message in context: http://n4.nabble.com/Container-authentication-working-over-to-authorization-tp1680516p1680516.html Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
