Sorry, see its fixed in trunk, ignore me.
Ian
On 1 Nov 2009, at 16:41, Ian Boston wrote:
Looking at 1.5.7 (may also be the case in later versions)
IIUC, removing a User from the UserManager causes a
NoSuchPrincipalException in the ACLTempate.init(...) line 113, which
generates a deny on that node, regardless of the user accessing the
node.
IMHO, there should be a try catch on the processing of each ACE to
guard against this.
Removing all ACE's at the same time as removing a Principal is
probably not practical as the PrincipalManager might (if replaced)
lookup principals externally.
?
Can provide a patch, if this is the right approach.
Ian
