[jboss-user] [JBoss Portal] - Re: CMS security not working

[DanielGallot]

anonymous wrote : "/" - make readable to all roles including "myRole" except Users and Anonymous
  | "/MyTopDirectory/TheUsableDirectory" - make readable and writable to "myRole"
  | 
  | let me know what you get with this setup.
  | 
  | note: this is essentially the same result you are trying to achieve except its a simpler way to approach it.
OK, I understand this is a simpler conf because I don't need to declare again the same rights than the rights already granted in the parent directories. 

I try and I got the following :
- "Create a folder", in "/MyTopDirectory/TheUsableDirectory", for a user with "myRole"
==> exception "access denied"

- "Upload a file" : idem

But there is another effect I don't understand : "myRole" got read access to "/MyTopDirectory/TheUsableDirectory" and not to other directories where it  has not been granted write access.

Do I miss something(s) ?

I see the second effect because actually I need to get the following : I have also "myRole2" that should have write access on "/MyTopDirectory/TheUsableDirectory2" but not read access to "/MyTopDirectory/TheUsableDirectory" - and vice versa for "myRole" - in fact I have 20 different roles and corresponding "TheUsableDirectoryN".
And also "mySupervisor" that has read/write access to all these directories, but not "/" !

I try to not give read access to all roles on "/", granting the read access on "/MyTopDirectory" - I get "access denied" (the exception) immediatly on the CMS administration. (N.B. : anonymous get "access denied" as a gentle message)

So what can I do ? I am a bit lost...

Thanks a lot for your help.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4115085#4115085

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4115085