Curious login issues with Groups/Roles and Users
------------------------------------------------
Key: MAGNOLIA-912
URL: http://jira.magnolia.info/browse/MAGNOLIA-912
Project: magnolia
Type: Bug
Components: security
Versions: 3.0 Beta 1
Environment: Windows XP, Magnolia 3.0 RC1 build 3345, Jetty 6-Beta17
Reporter: Giancarlo Berner
Assigned to: Boris Kraft
- Login as 'superuser'
- Create a Group A
- Create a User B
- Assign Group A to User B (wouldn't the other way around be more logical?)
- Define a Role with Read only for the whole WEBSITE repository
- Assign Role to Group A (which should be inherited by User A, right?)
- Log out
- Log in as User B
---> You will get a 403 (Forbidden)
Now comes the strange part:
- Close the browser
- Open a new browser
- Login as 'superuser'
---> You will get a 403 (Forbidden) again!!
After restarting Jetty I can login again as 'superuser'
I have choosen "Major" priority, but for the project we are doing it actually
is a "Blocker". So if you could provide a workaround, that would be truely
apreciated!
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia.info/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
