Karolis Mackevicius wrote
> Hi,
>
> I am trying to implement
> org.apache.sling.resourceaccesssecurity.ResourceAccessGate component
> (dependency version 1.0.0), with following properties:
>
> * access.context=application
> * operations=read
> * path=/content/dam/.*
>
> @Component(property =
> {"access.context=application","operations=read","path=/content/dam/.*"},
> service = ResourceAccessGate.class)
>
> Once I deploy it, everything under all other paths (that are not
> /content/dam) or other operations (create,update,delete,execute) is not
> accessible anymore.
>
> Currently as a workaround I have created another ResourceAccessGate
> component with no path and for all operations, which I originally don't
> want to check.
>
> Q: is this expected behavior?
Hi,
unfortunately, yes, this is the expected behaviour. If there is no
application ResourceAccessGate no check at all is performed at this
level. However as soon as there is at least one, then there needs to be
ResourceAccessGate that grants operations. So registering such an
application level gate basically denies everything except granted by
this gate.
It's a little bit uncommon but that's how it was designed :)
Regards
Carsten
>
> Best Regards,
>
> Karolis
>
--
Carsten Ziegeler
Adobe Research Switzerland
cziege...@apache.org
