[jboss-user] [JBoss Portal] - Re: CMS security not working

[DanielGallot]

anonymous wrote : anonymous wrote : 
  |   | But there is another effect I don't understand : "myRole" got read access to "/MyTopDirectory/TheUsableDirectory" and not to other directories where it has not been granted write access. Specifying 'write' access to '/TheUsableDirectory' should recurse to other directories under '/TheUsableDirectory', and since write implies read, you should have 'read' access there. *Except ofcouse if you specifically specify permissions on nodes under this, which override the recursing permissions*
  | Are you overriding the recursing permissions the nodes? 
OK, I understand why "myRole" get read access to '/TheUsableDirectory' (hence we should have write access), but I don't understand why it has not read access on '/TheUsableDirectory2' since it has read access to "/".
I am not overriding more than what I describe.

anonymous wrote : Reason I ask is if you grant read access to 'MyTopDirectory" but no access to '/', then you will not get access to 'MyTopDirectory' for obvious security reasons. Permissions only recurse down the tree, not up the tree.
  | 
OK I have to grant read access to "/".


anonymous wrote : for myRole2 who needs write access to /MyUsableDirectort2 but only read access to /MyUsableDirectory, then for permissions on /MyUsableDirectory make sure you grant this role atleast *read access*
In fact I don't want to grant "myRole2" with read access to /MyUsableDirectory.
But when "overriding the recursing permissions" happens ? As soon as you make one change for a given role in whatever directory ? That would explain why the read access is no more available to '/TheUsableDirectory2'....

Thanks and Merry christmas you too. I am on holidays now until 02/01/2008.
Happy to read you next year !


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4115112#4115112

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4115112