DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=43196>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43196 ------- Additional Comments From [EMAIL PROTECTED] 2007-08-28 08:37 ------- Created an attachment (id=20722) --> (http://issues.apache.org/bugzilla/attachment.cgi?id=20722&action=view) Debug output This log shows that when a directory has been accesses using authentication, accessing a non-authorized file is granted because there is no authorization phase. The non-authorized files are not shown because there is an authorization phase during the view of the directory and access to view those is denied. However, when the file is accesses from a directory where no authorization has happened, the file access is denied during the authorization phase. So, summarizing, it seems there is an error in the process logic that allows a user to access a non-authorized file when the user has been previously authenticated to access the directory where the file resides. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
