Logging into Jackrabbit with custom LoginModule
https://stackoverflow.com/questions/1953995
-
21-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am trying to write a LoginModule that authenticates users with Jackrabbit repository. However, I want it to check the credentials that are stored in repository itself. So the problem is, in my LoginModule I have to connect to the repository again, making it an infinite loop. Is there something I can do about it?
Solution
There a 2 basic approaches:
Provide a admin login to the Jackrabbit repository that the LoginModule is configured with so that it will always be able to connect to the repository. When connected as the admin user query the repository with the supplied credentials (for the normal user that is being authenticated) in order to authenticate them.
Alternatively have all of the users set up with an Jackrabbit login, so instead of connecting with the Admin login you try to connect with the supplied credentials and if you connect then the user is successfully connected (with this approach I often will do a simple query to double check the connection is valid, e.g. look up the user's real name in the repository).
In both cases the LoginModule should contain code that connects directly to Jackrabbit and shouldn't require a LoginModule to connect itself to the repository.
OTHER TIPS
In the JeCARS project there is a custom LoginModule (org.jecars.CARS_LoginModule). It uses a hardcoded admin user for the first access, and because the repository can only be accessed by servlet a check at this point is performed to prevent the external use of the admin user.
