Deepal Jayasinghe wrote:
Deepal
I'm trying to follow the protocol guide
http://wso2.org/wiki/display/registry/Registry+Protocol
to get the collection of all tags in the system.
What have I done wrong?
I think we need to support /tags and /comments at the registry level
not at the APP level. If the registry support /tags then APP will
serialize that without having any problem.
Any way this is a very simple fix in APP side even I did that locally
and got that working , but I am wondering to commit that change or not
Also this is a bug because if the resource doesn't exist we should
respond 404 instead.
However secureresgistry returns AuthorizationFailedException instead
of RNF
Secure registry checks if the given user has GET permission on the given
path. If the resource does not exists, there are no permissions defined
on that path. Therefore, permission check fails. So
AuthorizationFailedException is returned by the secure registry.
At this point, there is no way for the secure registry to determine if a
resource exists or not. Secure registry may get "Get" requests for
actual resources as well as for virtual resource paths (handled by URL
handlers). It is impossible to determine whether a virtual resource
exists or not without executing all URL handlers.
Now I am thinking that it is not correct to separate the security as a
layer. IMHO it is better to let the individual components handle the
security for the processing they are doing. May be we can refactore this
after 1.0.
Thanks,
Chathura
-Deepal
Paul
_______________________________________________
Registry-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
_______________________________________________
Registry-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
