I am hoping to get some clarification on a security configuration for
slide. I want each user on my server to have write privileges in his
"home" directory. To test this I tried to alter the default domain.xml
configuration so john could write to /slide/users/john. I tried
granting /actions/write to subject owner on /users and set
inheritable="true". Here is the snippet:
<objectnode classname="org.apache.slide.structure.SubjectNode"
uri="/users">
<permission action="/actions/write" subject="owner"
inheritable="true"/>
<permission action="/actions/write-acl" subject="owner"
inheritable="true"/>
<permission action="/actions/read-acl" subject="owner"
inheritable="true"/>
<permission action="all" subject="unauthenticated"
inheritable="true" negative="true"/>
I set john as the owner of the john directory like this:
<objectnode classname="org.apache.slide.structure.SubjectNode"
uri="/users/john">
<revision>
<property namespace="http://jakarta.apache.org/slide/";
name="password">john</property>
<property namespace="DAV:" name="owner">john</property>
</revision>
</objectnode>
I am able to modify the properties of /users/john under this when
authenticated as john using this configuration but I get a 403 when I
try to PUT a file in that directory. It works if /actions/write is
granted to /roles/user instead of owner for the /users uri but that
doesn't meet my requirements. I want to avoid having to maintain write
permissions for each user to their home directory like this:
<objectnode classname="org.apache.slide.structure.SubjectNode"
uri="/users/john">
<permission action="/actions/write" subject="/users/john"
inheritable="true"/>
What am I missing in regard to granting write permissions to the owner
of a resource? Thanks in advance for your help. I am using
slide-server 2.1b2 and webdavclient 2.1b1.
-Jason
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
