If i think better, actually my problem was not only the one about I've wrote earlier, but, the same as Ajai G, I'm tring to implement a custom authentication
write your own implementation of javax.security.auth.spi.LoginModule and change the repository's security config accordingly.
and authorization mechanism.
write your own implementation of the o.a.j.core.security.AccessManager interface and use that in the repository security config. eventually in addition - o.a.j.core.security.authorization.AccessControlProvider - o.a.j.core.security.authorization.WorkspaceAccessManager and adjust the workspace security configurations accordingly. you may also replace the whole SecurityManager itself (again repository config). there are various levels where you can plug your own stuff. what exactly you need to replace depends on your needs. angela