You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by Ian Boston <ie...@tfd.co.uk> on 2009/04/23 12:27:40 UTC
ModifyAceServlet.
Hi,
I am looking at the ModifyAceServlet. in the
o.a.s.jackrabbit.accessmanager bundle
I notice that if a requests privileges are denied from a principal
that references a group, then the request to deny privileges is ignored.
Does this mean its not possible to deny a privilege from a group ?
If so, I would like to understand the reasoning.
Thanks
Ian
Re: ModifyAceServlet.
Posted by Ian Boston <ie...@tfd.co.uk>.
Interesting, thank you, I will ask the same on jackrabbit users.
Thanks.
Ian
On 23 Apr 2009, at 17:54, Eric Norman wrote:
> Yes, the jackrabbit implementation does not allow denying privileges
> on a
> group. The ModifyAcesServlet mirrors that behavior. I don't know
> the
> exact reasoning behind that, I'd suggest posting your question to the
> jackrabbit list.
>
> Denying privileges is not part of the JCR spec, so this is a
> jackrabbit
> extension.
>
> On Apr 23, 2009 3:28 AM, "Ian Boston" <ie...@tfd.co.uk> wrote:
>
> Hi,
> I am looking at the ModifyAceServlet. in the
> o.a.s.jackrabbit.accessmanager
> bundle
> I notice that if a requests privileges are denied from a principal
> that
> references a group, then the request to deny privileges is ignored.
>
> Does this mean its not possible to deny a privilege from a group ?
>
> If so, I would like to understand the reasoning.
> Thanks
> Ian
Re: ModifyAceServlet.
Posted by Eric Norman <er...@gmail.com>.
Yes, the jackrabbit implementation does not allow denying privileges on a
group. The ModifyAcesServlet mirrors that behavior. I don't know the
exact reasoning behind that, I'd suggest posting your question to the
jackrabbit list.
Denying privileges is not part of the JCR spec, so this is a jackrabbit
extension.
On Apr 23, 2009 3:28 AM, "Ian Boston" <ie...@tfd.co.uk> wrote:
Hi,
I am looking at the ModifyAceServlet. in the o.a.s.jackrabbit.accessmanager
bundle
I notice that if a requests privileges are denied from a principal that
references a group, then the request to deny privileges is ignored.
Does this mean its not possible to deny a privilege from a group ?
If so, I would like to understand the reasoning.
Thanks
Ian