Announcement Announcement Module

Spring Modules forum decommissioned in favor of Spring Extensions

As the Spring Modules project has been replaced by the Spring Extensions ( project, this forum has been decommissioned in favour of Spring Extensions one at:

Please see the Spring Extensions home page for a complete list of current projects in Java, .NET and ActionScript. You can also propose one if you want.

Costin Leau
SpringSource - Spring Training, Consulting, and Support - "From the Source"
See more
See less
Change Credentials in JcrSessionFactory Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Change Credentials in JcrSessionFactory

    I have a web application built on top of spring-modules 0.8 and jackrabbit 1.3. When users login the web application, they are authenticated by usernames/passwords stored in a database, which is not part of JCR. But they access the repository with the credentials defined in the config file below. In this case, all users access JCR as "bogus".

    Now I need to tell the users apart in JCR - Session.getUserId() should return the users' specific username instead of "bogus". I wonder how I can supply JcrSessionFactory with the username/password (passed from web tier dynamically) to replace or overwrite the credentials defined in config file. Thanks in advance.

    <bean id="sessionFactory" class="org.springmodules.jcr.JcrSessionFactory">
    <property name="repository" ref="repository"/>
    <property name="credentials">
    <bean class="javax.jcr.SimpleCredentials">
    <constructor-arg index="0" value="bogus"/>
    <!-- create the credentials using a bean factory -->
    <constructor-arg index="1">
    <bean factory-bean="password"
    <!-- create the password to return it as a char[] -->
    <bean id="password" class="java.lang.String">
    <constructor-arg index="0" value="pass"/>

  • #2
    still frustrated...

    I posted the question a while ago but got no response. I would think this is a common use case. For example, if a user login the web application as "johnsmith", check out/update/check in a document, the node's version control should save "johnsmith" in history. However, using the hard-coded credential in spring config file, the session is always created in the name of "bogus". So "bogus" does everything on behalf of "johnsmith". Thus version control know only "bogus".

    I am sure Springmodules/JCR users run into similar problems. How do you work around it? Is it possible to pass "johnsmith" to replace "bogus" for JcrSessionFactory defined the configuration file?


    • #3
      I am also interested in this case. Did you find a solution? I am thinking of rolling my own extension of jcrsessionfactory but wanted to know if there is a better solution....


      • #4
        I've reach this post after two years and I can't found a solution for this problem. Any help?