Hi, I was playing with the slingbucks example [1]. I noticed that it required authentication in order to accept POST request to create new orders. After logging in via admin:admin at the Sling main page, the slingbucks order process worked.
My assumption is that the underlying JCR requires authentication before it allows any write operations, right? I started to look for documentation on authentication and user management. I see that there is a user management RESTful API [1] but can not find more details about it. The documentation in [2] is on a low technical level but I am missing some overview how users should be managed for a webapp. Any hints are welcome. [1] https://cwiki.apache.org/confluence/display/SLING/FAQ#FAQ-HowdoIchangeJackrabbit%27sadminpassword%3F [2] http://sling.apache.org/site/authentication.html -- Fabian http://twitter.com/fctwitt
