Hi, Ruben Reusser píše v Čt 25. 11. 2010 v 09:55 -0800: > I am wondering, with ModeShape, is the security still in the magnolia > layer or is it ported through to ModeShape?
I am not a security expert but IMHO security is still handled by Magnolia - at least at the same level as with Jackrabbit. AFAIK there are two JAAS LoginConfigs in WEB-INF/config/jaas.conf - #1 is "magnolia" which is bound to the Magnolia's user/userrole system, #2 is by default "Jackrabbit" which I replace with "modeshape-jcr" in my tests (see [1]). That second LoginConfig is to enable access to the JCR for the Magnolia "engine", which uses simple "admin:admin" credentials. So IMHO there is no special access information stored in the JCR repository, no matter if it is Jackrabbit or ModeShape. But the above probably has to be corrected by someone from the Magnolia team. [1] http://community.jboss.org/wiki/HowToMakeMagnoliaCMSShapedTomcatversion Best regards, J.Ch. -- Jozef Chocholacek JBoss Community Website Team www.jboss.org ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/home/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]> ----------------------------------------------------------------
