You'll need to:
1 create an implementation of
javax.security.auth.spi.LoginModule.LoginModule (see any JAAS
documentation / tutorial on this - public boolean login() is the
interesting part)
2 configure it in your repository.xml along the lines of:
<Security appName="<your_policy_name>">
<AccessManager
class="org.apache.jackrabbit.core.security.SimpleAccessManager"/>
</Security>
3 configure your system to use your JAAS module under a policy name. We
use Jboss, so we have an entry in the jboss login-config like:
<application-policy name="<your_policy_name>">
<authentication>
<login-module code="<your login module FQCN>" flag="requisite"/>
</authentication>
</application-policy>
-----Original Message-----
From: cw [mailto:[EMAIL PROTECTED]
Sent: 17 January 2008 10:05
To: [email protected]
Subject: RE: credential integration from existing userpassword table
i need to create new class myClassModule ? any example on this?
<LoginModule
class="org.apache.jackrabbit.core.security.SimpleLoginModule">
<!-- anonymous user name ('anonymous' is the default value) -->
<param name="anonymousId" value="anonymous"/>
</LoginModule>
Connor Brett <[EMAIL PROTECTED]> wrote: Jackrabbit supports JAAS. You
need a JAAS login module & configure JR to use it in repository.xml.
-----Original Message-----
From: cw [mailto:[EMAIL PROTECTED]
Sent: 17 January 2008 02:27
To: [email protected]
Subject: credential integration from existing userpassword table
the credential that i'm using for jackrabbit is as below
Credentials credentials = new SimpleCredentials(USERID,
PASSWORD);
session = r.login(credentials);
. How to integrate our existing userpasswordtable db with this
credentail to authenticate user?
currently, jackrabbit just accept any username and password pair.
also, i'm using sample "simplewebdavservlet". how to limit user to login
?
E-MAIL DISCLAIMER
The information in this e-mail and any attachment is confidential. It is
intended only for the named recipient(s). If you are not a named recipient
please notify the sender immediately and do not disclose the contents to
another person or take copies. Although Axxia Systems has taken every
reasonable precaution to ensure that any attachment to this e-mail has been
checked for viruses,it is strongly recommended that you carry out your own
virus check before opening any attachment, as we cannot accept liability for
any damage sustained as a result of software virus infection. Axxia Systems
reserves the right to monitor and record e-mails sent to axxia.com, and senders
of such messages shall be taken to consent to this.
Registered Office: Axxia House, Unit 4, The Pavilions, Ruscombe Business Park,
Twyford, Berkshire, RG10 9NN. Registration Number: 3019229
