Krzysztof Lembicz
2015-11-26 17:19:35 UTC
Dear All,
I have evaluating JackRabbit 2 (2.10.3) for couple of days and its usefulness for one of my projects. I have reached almost everything I needed including an external LoginModule authentication using a JAAS-compliant module which works. However I have encountered an issue I do not know how to solve or maybe I have misunderstood something.
I am going to use JackRabbit as a content server and communicate with it via WebDav HTTP interfaces (remotely). That works including mentioned JAAS LoginModule integration (KeyCloak) First lines of my test application are:
repository = JcrUtils.getRepository("http://localhost:8080/jackrabbit-webapp /server");
session = repository.login(new SimpleCredentials("test1", "test".toCharArray()), "default");
where test1 and test are valid Keycloak user credentials and the login process is successful. The problem is that many operations called before I call the session.logout() when I create nodes, search for nodes, remove nodes etc. - being theoretically applied in a correct, logged session - on the server's side are still preceded by JAAS authentication again and again - actually at each atomic operation I am performing within the session. Instead I would rather expect that logged once, before calling session.logout() JAAS login is omitted so I can work in a performant way. I do not know why at the DAV servlet side, the session is not cached/maintained/recognized so the again login is not needed since it already has taken place. And - unfortunately - the performance decrease I am observing that is really significant and unacceptable.
Does anyone can let me know whether I am doing something wrong, do I have to configure something in a better so the session is recognized/stored or is it a correct way it should work?
Any help would be much appreciated. Thank you.
Best regards,
Krzysztof Lembicz
I have evaluating JackRabbit 2 (2.10.3) for couple of days and its usefulness for one of my projects. I have reached almost everything I needed including an external LoginModule authentication using a JAAS-compliant module which works. However I have encountered an issue I do not know how to solve or maybe I have misunderstood something.
I am going to use JackRabbit as a content server and communicate with it via WebDav HTTP interfaces (remotely). That works including mentioned JAAS LoginModule integration (KeyCloak) First lines of my test application are:
repository = JcrUtils.getRepository("http://localhost:8080/jackrabbit-webapp /server");
session = repository.login(new SimpleCredentials("test1", "test".toCharArray()), "default");
where test1 and test are valid Keycloak user credentials and the login process is successful. The problem is that many operations called before I call the session.logout() when I create nodes, search for nodes, remove nodes etc. - being theoretically applied in a correct, logged session - on the server's side are still preceded by JAAS authentication again and again - actually at each atomic operation I am performing within the session. Instead I would rather expect that logged once, before calling session.logout() JAAS login is omitted so I can work in a performant way. I do not know why at the DAV servlet side, the session is not cached/maintained/recognized so the again login is not needed since it already has taken place. And - unfortunately - the performance decrease I am observing that is really significant and unacceptable.
Does anyone can let me know whether I am doing something wrong, do I have to configure something in a better so the session is recognized/stored or is it a correct way it should work?
Any help would be much appreciated. Thank you.
Best regards,
Krzysztof Lembicz