AccessDeniedException when writing into JCR (JackRabbit) [Magnolia]

229 views Asked by At

I wrote a request filter for geoIP localization. It works the way that I request an external service for the localization and then write the information into JCR, into a dedicated workspace for caching/storage.

On the author instance this works, but on the public instance I constantly get a AccessDeniedException. I probably need to authenticate with the JCR, and I tried that too, using the crendentials from the magnolia.properties file:

magnolia.connection.jcr.userId = username
magnolia.connection.jcr.password = password

And this code for authentication:

Session session = MgnlContext.getJCRSession(WORKSPACE_IP_ADDRESSES);
session.impersonate(new SimpleCredentials("username", "password".toCharArray()));

I have the this xml to bootstrap the filter, and a FilterOrdering Task, configured as follows:

tasks.add(new FilterOrderingTask("geoIp", new String[] { "contentType", "login", "logout", "csrfSecurity",
            "range", "cache", "virtualURI" }));

What am I missing?

What would be the proper to write into the JCR in Magnolia on the public instance?

1

There are 1 answers

4
Jan On BEST ANSWER

Yeah, that could not work :D

Is your filter configured in Magnolia's filter chain or directly in web.xml? It needs to live in filter chain and it needs to be configured somewhere down the chain after the security filters so that user is already authenticated.
Then you can simply call MgnlContext.getJCRSession("workspace_name") to get access to repo and do whatever you need.

HTH,
Jan