Reintroduce session auth for webdav

[lgpl/argeo-commons.git] / server / modules / org.argeo.jackrabbit.webapp / WEB-INF / security-filters.xml

diff --git a/server/modules/org.argeo.jackrabbit.webapp/WEB-INF/security-filters.xml b/server/modules/org.argeo.jackrabbit.webapp/WEB-INF/security-filters.xml
index 5d431922205d276e9f9e924625b7ded1e193dc11..bfdafd34149345d8472b1c97e91e293e38cbf153 100644 (file)
--- a/server/modules/org.argeo.jackrabbit.webapp/WEB-INF/security-filters.xml
+++ b/server/modules/org.argeo.jackrabbit.webapp/WEB-INF/security-filters.xml
@@ -9,9 +9,9 @@
        <bean id="springSecurityFilterChain" class="org.springframework.security.util.FilterChainProxy">
                <sec:filter-chain-map path-type="ant">
                        <sec:filter-chain pattern="/webdav/**"
-                               filters="x509,basic,rememberMe,exception,interceptor" />
+                               filters="session,x509,basic,rememberMe,exception,interceptor" />
                        <sec:filter-chain pattern="/remoting/**"
-                               filters="x509,basic,rememberMe,exception,interceptor" />
+                               filters="x509,basic,anonymous,exception,interceptor" />
                        <sec:filter-chain pattern="/public/**"
                                filters="anonymous,exception,interceptorPublic" />
                        <sec:filter-chain pattern="/pub/**"
@@ -28,7 +28,6 @@
                        <value>
                                PATTERN_TYPE_APACHE_ANT
                                /*/*/*/**=ROLE_USER,ROLE_ADMIN
-                               /**=ROLE_ANONYMOUS
                        </value>
                </property>
        </bean>