You are viewing a plain text version of this content. The canonical link for it is here.

Posted to slide-user@jakarta.apache.org by Jacob Lund <jl...@qualiware.net> on 2004/12/07 10:52:09 UTC

ACL bug in 2.1rc1?

Hi All!   

I was just playing with the ACL setting in the new rc1 and I found the following behaviour:

I took the tomcat-slide bundle as offsett and enabled the JAAS realm. Also I mapped slide to the root of the server in the server.xml.

Using the standard users from the default domain.xml and then I change access rights on the /files collection:
/roles/user grant /actions/write-acl
/roles/user grant /actions/write-content
/roles/user grant /actions/write-propeties
/roles/user grant /actions/read
/roles/user deny all 

Then I login with john and try to upload a file to the /files collection and i get an access denied. The put request returns a 403 write access /actions/write denied.

Changing the acl info to:
/roles/user grant /actions/write
/roles/user grant /actions/read
/roles/user deny all 

Now it works fine? Am I misunderstanding something /actions/write and the combination of /actions/write-acl, /actions/write-content and /actions/write-propeties bee the same?

Thanks
Jacob