On 04.01.11 12:45, "Javier Arias" <[email protected]> wrote: ><LoginModule >class="org.apache.jackrabbit.core.security.simple.SimpleLoginModule"> > <!-- > anonymous user name ('anonymous' is the default value) > --> > <param name="anonymousId" value="user"/> > <!-- > administrator user id (default value if param is missing >is 'admin') > --> > <param name="adminId" value="pass"/>
"adminId" is the user id of the administrator user, not a password. See the comment above. The SimpleLoginModule does not provide any secure authentication, it will accept any password. There are three types of users, which are solely separated by the user id: the anonymous user (given by anonymousId, defaults to "anonymous") has only read rights. Then the administrative super user (given by adminId, defaults to "admin"), which can do anything. And finally any other user (all other user ids, needs no config) will have normal read and write permissions, but not certain admin things like node type management IIRC. Regards, Alex -- Alexander Klimetschek Developer // Adobe (Day) // Berlin - Basel
