Tamino Security using Java API


I’ve activated the tamino security. Let me first explain how the security is setup.

I’ve activated the Apache Web Server authentication. The user TESTUser is defined using the HTPASSWD.EXE. I’ve added the following settings to the HTTPD.CONF:

LoadModule ino_module modules/Apache2ModuleIno.dll
<Location /tamino>
SetHandler ino
AuthType Basic
AuthName Tamino
AuthUserFile “C:/Apache Group/Apache2/conf/TaminoUsers.dat”
Require valid-user

In Tamino I’ve created a group with the database name and I assign a access control list where I define that ‘no access’ is allowed by default for every Tamino authorised user. This is in the fact not possible due to the Apache Web Server authentication.
A second group is defined containing the user TESTUser (same as the one defined in the Apache configuration). An access control list is defined specifying that users of this group has ‘full access’ to the collection.

Now I have a small test program using the new Java API. I use the class TConnectionPoolManager to retrieve a Tamino connection. In the ManagedConnectionPools.xml I’ve defined the correct URL and user/password to use (user=TESTUser).
When I call the getConnection() method the connection is retrieved.
Now when I execute an xQuery expression, then Tamino returns me an exception explaining that the collection isn’t found. This is due to the default access control list which defines ‘no access’ for unknown users. I’ve checked this by changing the default access control list to ‘full access’. Doing that the xQuery works fine. The exception re-appears when the default access control list is changed back to ‘no access’.

What am I forgotton to specify or call?

I seems top have the smae behaviour using the Tamino X-plorer tool!