Tobias Bocanegra created JCR-3718:
-------------------------------------
Summary: Inconsistent Principal Validation between API and Import
behavior
Key: JCR-3718
URL: https://issues.apache.org/jira/browse/JCR-3718
Project: Jackrabbit Content Repository
Issue Type: Bug
Components: security
Affects Versions: 2.7.3
Reporter: Tobias Bocanegra
Assignee: Tobias Bocanegra
the JCR access control management mandates that adding a new ACE includes
validating if the specified principal is known to the repository.
however, the ac-importer in jackrabbit is more relaxed with validation and
allows to create ACE even for unknown principals. this basically leaves us with
an inconsistent behavior between xml-import and calls to ac-management API
directly.
also note, that principal validation is only done when applying and ACL via API
but not when removing a principal.
in order to fix that i would suggest the following approach:
- add a new configuration parameter to the ACLProvider:
"allow-unknown-principals"
- make the import behavior independent of the principal manager
- respect this configuration when checking the ACL templates
this will change the default behavior of the XML import of access controlled
content. as this is a problem for backward compatibility, we additionally add a
"importBehavior" property to the ACL importer that has a default "besteffort"
import mode where the principals check is bypassed (as in the current
implementation)
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
