RE: cvs commit: jakarta-slide/src/conf/webapp Domain.xml

Thu, 20 Sep 2001 14:41:37 -0700 

hi dirk,
  I wonder if the change you made in the Domain.xml file is required. On the
slide documentation
  page at http://jakarta.apache.org/slide/security.html it says at the end
in the NodePermission section

Subject: Subject of the permission. This can be either the uri of an object
in the namespace, the name (or interface class name) of a role or a self
permission (in which case the subject is equal to "~").

Since the subject can have the name of the role(defined in the roles
section) as its value i think what was meant
by line  <permission action="/actions" subject="root"/> is that all users
having the root role have permissions to all actions of the root node("/").
And this makes sense because instead of having to list all the possible
users who have a permission you can just list the roles that the user has to
have in order to have a permission.
     thanks,
     rajkumar


-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 2:33 PM
To: [EMAIL PROTECTED]
Subject: cvs commit: jakarta-slide/src/conf/webapp Domain.xml


dirkv       01/09/20 14:32:32

  Modified:    src/conf/webapp Domain.xml
  Log:
  Cleanup acl rules examples

  Revision  Changes    Path
  1.24      +3 -3      jakarta-slide/src/conf/webapp/Domain.xml

  Index: Domain.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-slide/src/conf/webapp/Domain.xml,v
  retrieving revision 1.23
  retrieving revision 1.24
  diff -u -r1.23 -r1.24
  --- Domain.xml        2001/08/15 01:17:43     1.23
  +++ Domain.xml        2001/09/20 21:32:32     1.24
  @@ -140,8 +140,8 @@

         <objectnode classname="org.apache.slide.structure.SubjectNode"
uri="/">

  -        <permission action="/actions" subject="root"/>
  -        <permission action="/actions/read" subject="user"
  +        <permission action="/actions" subject="/users/root"/>
  +        <permission action="/actions/read" subject="/users"
            inheritable="false"/>
           <permission action="/actions/read" subject="nobody"
            inheritable="false"/>
  @@ -154,7 +154,7 @@
             <permission action="/actions" subject="~"/>
             <permission action="/actions" subject="guest"
              inheritable="true" negative="true"/>
  -          <permission action="/actions/read" subject="user"
  +          <permission action="/actions/read" subject="/users"
              inheritable="false"/>

             <!-- Permission group example -->

Reply via email to