Could it be a problem with a particular store implementation?
The interface provides 4 methods:
- void grantPermission(Uri uri, NodePermission permission) - void revokePermission(Uri uri, NodePermission permission) - void revokePermissions(Uri uri) - Enumeration enumeratePermissions(Uri uri)
The Javadoc of grantPermission() [org.apache.slide.store.SecurityStore] does not explicitly state it ... but at least in our Tamino-based store implementation, the new ACE is *appended* to the existing ACL. I suppose that Oliver's TX store does it in the same way. And enumeratePermissions(), of course, should return the ACEs in the defined ordering.
Peter,
This is entirely correct. The problem is with all the JDBC-based stores - they, like your tamino store, append it to a list or vector internally, but between storing and loading that data via SQL, the ordering is not maintained.
The javadoc should probably be updated. I'd also suggest that the store interface would be better if the interface were changed to remove the first two of these methods, and add a grantPermissions() method - the only way this store is ever used (as far as I know), and the only way that ever makes sense, is to grant a list of permissions (an ACL) after clearing all existing permissions. But the change isn't really neccesary.
Mike
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
