anonymous wrote : | I try and I got the following : | - "Create a folder", in "/MyTopDirectory/TheUsableDirectory", for a user with "myRole" | ==> exception "access denied" | If the role 'myRole' has write access on '/MyTopDirectory/TheUsableDirectory' then you should be allowed to create a Folder under '/TheUsableDirectory'. If thats failing, I will have to look into trying to reproduce this and fix it if it is actually a bug. Let me look into this.
anonymous wrote : | But there is another effect I don't understand : "myRole" got read access to "/MyTopDirectory/TheUsableDirectory" and not to other directories where it has not been granted write access. | Specifying 'write' access to '/TheUsableDirectory' should recurse to other directories under '/TheUsableDirectory', and since write implies read, you should have 'read' access there. *Except ofcouse if you specifically specify permissions on nodes under this, which override the recursing permissions* Are you overriding the recursing permissions the nodes? anonymous wrote : | I try to not give read access to all roles on "/" | Are you atleast granting '/' access to roles that should be granted this? Reason I ask is if you grant read access to 'MyTopDirectory" but no access to '/', then you will not get access to 'MyTopDirectory' for obvious security reasons. Permissions only recurse down the tree, not up the tree. Hope this clarifies some issues. Thanks and Merry Christmas View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4115107#4115107 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4115107 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
