[
https://issues.apache.org/jira/browse/JENA-990?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14632778#comment-14632778
]
Andy Seaborne commented on JENA-990:
------------------------------------
> Basically if the graph is read-only authentication will not solve the add
> denied exception – right?
Yes, a rtead-only graph is not a security issue. Hence:
OperationDeniedException > AddDeniedException
OperationDeniedException > DeleteDeniedException
OperationDeniedException > AuthenticationRequiredException
I haven't see a case of a situation which is OperationDeniedException but not
AccessDeniedException. I think the The "AccessDeniedException" I suggested is
what you call AuthenticationRequiredException.
> rename the UpdateDeniedException
> ---------------------------------
>
> Key: JENA-990
> URL: https://issues.apache.org/jira/browse/JENA-990
> Project: Apache Jena
> Issue Type: Improvement
> Components: Core
> Affects Versions: Jena 3.0.0
> Reporter: Claude Warren
> Assignee: Claude Warren
> Priority: Minor
>
> As noted in a discussion on the dev list between myself and Andy this update
> is to rename the current UpdateDeniedException to AccessDeniedException and
> extend it from a newly created OperationDeniedException.
> AddDeniedException and DeleteDeniedException will extend
> AccessDeniedException.
> jena-permissions will extend AccessDeniedException to create:
> ReadDeniedException -- for read restrictions
> UpdateDeniedException -- for update restrictions (modifying triples that
> already exists as opposed to adding new triples)
> This will allow Fuskei to properly respond to the case where jena-permissions
> is in place and there are update restrictions in place. Currently Fuseki
> returns this as a 500 error. Once we have a common permission denied
> exception we can return either authentication required or access denied as
> appropriate.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
