The rest & webdav web applications are configured to use HTTP Authentication, with the role "connect". Also, the repository behind the scenes, is configured with a "servlet" authentication provider, meaning that a user with the "connect" role is expected, out-of-the-box, to be able to connect/work with the repo.

As this role isn't used in the JCR layer, clients will get an exception.

We should document this clearly in the web.xml file.