Hi, Am 09.11.2011 um 12:56 schrieb Markus Joschko:
> With the most recent changes (SLING-2274) I can again use the CLI > client over davex, > but only when the anonymous user is enabled. As soon as I disable it, > I again have the problem with the repository descriptor retrieval. Hmm, this is not how it is intended to be. The davex bundle registers a dummy service which instructs the Sling Authenticator to not request credentials if missing and thus pass through anonymously if credentials are not preemptively provided. So, you should be able to do what you want. What request do you do to try to get this information (excuse my ignorance here ;-) ) > > However I have a customer requirement that is: Nobody should be able > to login in the web UI with anonymous/anonymous. Agreed. > And AFAIK that can only be achieved by disabling the anonymous user. > Or am I wrong? Is there another way to forbid login of the anonymous > user. Well, with this setting we can prevent requests without credentials to pass by the Sling Authenticator. But we cannot prevent someone coming with the anonymous credentials from logging in. This has to be configured in the repository IIUIC. Regards Felix > > Thanks, > Markus
