2 messages in org.apache.jackrabbit.usersProblem with webdav and system user
FromSent OnAttachments
nick...@planet.nlOct 26, 2007 12:43 am 
Angela SchreiberOct 26, 2007 1:10 am 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Problem with webdav and system userActions...
From:nick...@planet.nl (nick@planet.nl)
Date:Oct 26, 2007 12:43:53 am
List:org.apache.jackrabbit.users

In our application we have Jackrabbit 1.3.1. We try to get write rights through
webdav, but can't get it right. In our repository.xml we have the following
security section:

<Security appName="Jackrabbit"> <!-- access manager: class: FQN of class implementing the AccessManager interface --> <AccessManager class="org.apache.jackrabbit.core.security.SimpleAccessManager"> <!-- <param name="config" value="${rep.home}/access.xml"/> --> </AccessManager>

<LoginModule class="org.apache.jackrabbit.core.security.SimpleLoginModule"> <!-- anonymous user name ('anonymous' is the default value) --> <param name="anonymousId" value="anonymous" /> <!-- default user name to be used instead of the anonymous user when no login credentials are provided (unset by default) --> <!-- <param name="defaultUserId" value="superuser"/> --> </LoginModule> </Security>

And our web.xml is also configured: <servlet> <servlet-name>Webdav</servlet-name> <description>The webdav servlet that connects HTTP request to the
repository.</description> <servlet-class>nl.ourcompany.servlet.SimpleWebdavServlet</servlet-class>

<init-param> <param-name>resource-path-prefix</param-name> <param-value>/repository</param-value> <description>defines the prefix for spooling resources out of the
repository.</description> </init-param>

<init-param> <param-name>missing-auth-mapping</param-name> <param-value>anonymous:anonymous</param-value> <description> Defines how a missing authorization header should be handled. 1) If this
init-param is missing, a 401 response is generated. This is suiteable for
clients (eg. webdav clients) for which sending a proper authorization header is not possible
if the server never sent a 401. 2) If this init-param is present with an empty value, null-credentials are returned, thus forcing an null login on the
repository. 3) If this init-param has a 'user:password' value, the respective
simple credentials are generated. </description> </init-param>

<!-- Optional parameter to define the value of the 'WWW-Authenticate' header --> <!-- <init-param> <param-name>authenticate-header</param-name> <param-value>Basic realm="Jackrabbit Webdav Server"</param-value> <description> Defines the value of the 'WWW-Authenticate' header. </description> </init-param> --> <!-- Parameter used to configure behaviour of webdav resources such as: - destinction between collections and non-collections - resource filtering --> <init-param> <param-name>resource-config</param-name> <param-value>/WEB-INF/jcr-webdav-config.xml</param-value> <description>Defines various dav-resource configuration
parameters.</description> </init-param> <load-on-startup>4</load-on-startup> </servlet>

Where the servlet-class is a straight copy of the Jackrabbit class.

With this configuration we are able to list the files in a WebDAV browser (like
Konquerer), for example on webdav://localhost/context/repository/default. Also,
when we try to log on with system
(webdav://system@localhost/context/repository/default) we get the listing, but
we are not allowed to do any file modification (move, delete, create, adjust).

In earlier versions of Jackrabbit we were allowed to do file modifications. Is
this changed somehow? And how can we change files through webdav at the moment?

With regards,

Nick Stolwijk