[
https://issues.apache.org/jira/browse/OAK-4086?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marco Piovesana updated OAK-4086:
---------------------------------
Attachment: OakUsage.zip
Attached is a maven project that reproduces the problem. It contains the custom
authentication module I'm using.
Marco.
> Group membership not verified during permission verification
> ------------------------------------------------------------
>
> Key: OAK-4086
> URL: https://issues.apache.org/jira/browse/OAK-4086
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: jcr
> Affects Versions: 1.3.16
> Reporter: Marco Piovesana
> Attachments: OAK-4086.patch, OakUsage.zip
>
>
> I have a group called "MyUsers" containing a user called "marco". I've
> created a folder called "testfolder" with admin account and i granted read
> permission to the "MyUsers" group:
> {code:java}
> Node testfolder = adminSession.getNode("/testfolder");
> boolean allow = AccessControlUtils.allow(testfolder,
> myUsersGroup.getPrincipal(), new String[]{Privilege.JCR_READ});
> {code}
> When I login as "marco", if i try to find that folder i get an error saying
> that the folder doesn't exists (user does not have tthe permission to read
> it). It works only if I grant the READ permission directly to the user.
> {code:java}
> Session usrSession = repository.login(new SimpleCredentials("marco",
> "password".toCharArray()));
> Node node = usrSession.getNode("/testfolder"); //here the code fails because
> the node is not found!!
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
