I need help to understand how the built-in JAAS authentication works. Is there additional configuration required?
I tried with with 2 configurations and in both cases the default JAAS policy modeshape-jcr was not recognized.
22:45:43.017 ERROR | o.m.j.JcrRepository | Unable to initialize authentication provider "{ "classname" : "JAAS" , "policyName" : "modeshape-jcr" }" for repository "bbsrepo": No LoginModules configured for modeshape-jcr javax.security.auth.login.LoginException: No LoginModules configured for modeshape-jcr
23:59:29.928 WARN | o.m.j.JcrRepository | The JAAS policy named 'modeshape-jcr' (nor the policy named 'other') could not be found; check the value of the 'security/policyName' repository option in the configuration for the 'bbsrepo' repository (or ignore this message if JAAS authentication is not being used)
I tried the repo configuration both as embedded repo ( via junit test ) and Modeshape web explorer on Tomcat 7
Thanks,
Gorgi
When using JAAS you need to configure the JAAS provider and add the "modeshape-jcr" policy in this case. Since you're using Tomcat, you should configure Tomcat's JAAS security realm (IIRC in the server.xml file)