anonymous wrote : anonymous wrote : | | But there is another effect I don't understand : "myRole" got read access to "/MyTopDirectory/TheUsableDirectory" and not to other directories where it has not been granted write access. Specifying 'write' access to '/TheUsableDirectory' should recurse to other directories under '/TheUsableDirectory', and since write implies read, you should have 'read' access there. *Except ofcouse if you specifically specify permissions on nodes under this, which override the recursing permissions* | Are you overriding the recursing permissions the nodes? OK, I understand why "myRole" get read access to '/TheUsableDirectory' (hence we should have write access), but I don't understand why it has not read access on '/TheUsableDirectory2' since it has read access to "/". I am not overriding more than what I describe.
anonymous wrote : Reason I ask is if you grant read access to 'MyTopDirectory" but no access to '/', then you will not get access to 'MyTopDirectory' for obvious security reasons. Permissions only recurse down the tree, not up the tree. | OK I have to grant read access to "/". anonymous wrote : for myRole2 who needs write access to /MyUsableDirectort2 but only read access to /MyUsableDirectory, then for permissions on /MyUsableDirectory make sure you grant this role atleast *read access* In fact I don't want to grant "myRole2" with read access to /MyUsableDirectory. But when "overriding the recursing permissions" happens ? As soon as you make one change for a given role in whatever directory ? That would explain why the read access is no more available to '/TheUsableDirectory2'.... Thanks and Merry christmas you too. I am on holidays now until 02/01/2008. Happy to read you next year ! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4115112#4115112 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4115112 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
