[jboss-user] [JBoss Portal] - Re: CMS security not working
sohil.shah@jboss.com
do-not-reply at jboss.com
Fri Dec 21 14:17:47 EST 2007
anonymous wrote :
| I try and I got the following :
| - "Create a folder", in "/MyTopDirectory/TheUsableDirectory", for a user with "myRole"
| ==> exception "access denied"
|
If the role 'myRole' has write access on '/MyTopDirectory/TheUsableDirectory' then you should be allowed to create a Folder under '/TheUsableDirectory'. If thats failing, I will have to look into trying to reproduce this and fix it if it is actually a bug. Let me look into this.
anonymous wrote :
| But there is another effect I don't understand : "myRole" got read access to "/MyTopDirectory/TheUsableDirectory" and not to other directories where it has not been granted write access.
|
Specifying 'write' access to '/TheUsableDirectory' should recurse to other directories under '/TheUsableDirectory', and since write implies read, you should have 'read' access there. *Except ofcouse if you specifically specify permissions on nodes under this, which override the recursing permissions*
Are you overriding the recursing permissions the nodes?
anonymous wrote :
| I try to not give read access to all roles on "/"
|
Are you atleast granting '/' access to roles that should be granted this?
Reason I ask is if you grant read access to 'MyTopDirectory" but no access to '/', then you will not get access to 'MyTopDirectory' for obvious security reasons. Permissions only recurse down the tree, not up the tree.
Hope this clarifies some issues.
Thanks and Merry Christmas
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4115107#4115107
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4115107
More information about the jboss-user
mailing list