You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2013/09/24 11:04:05 UTC
[jira] [Resolved] (OAK-1016) Anonymous session doesn't see node
added by admin
[ https://issues.apache.org/jira/browse/OAK-1016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
angela resolved OAK-1016.
-------------------------
Resolution: Not A Problem
jackrabbit used to have a configuration option that sets up full read permission for everyone on the whole repository (which by default was turned on). while this might be handy it's actually a security issue because the default setup should not grant read access to everybody. therefore i decided to drop that configuration option for oak.
if you want to have this for your tests, your setup should grant jcr:read on the root node in your test setup. something like:
{code}
AccessControlUtils.addAccessControlEntry(admin, "/", EveryonePrincipal.getInstance(), privilegesFromName(Privilege.JCR_READ), true);
admin.save();
{code}
> Anonymous session doesn't see node added by admin
> -------------------------------------------------
>
> Key: OAK-1016
> URL: https://issues.apache.org/jira/browse/OAK-1016
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: jcr
> Affects Versions: 0.8
> Reporter: Bertrand Delacretaz
> Priority: Minor
> Attachments: oak-jcr-anonymous.patch
>
>
> I'll attach a patch that demonstrates this, and I'm seeing the same problem in SLING-3063
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira