Oliver,
Thanks for the tip on the users collection. As an alternative,
I created a "john" collection under /files using the following
configuration:
<objectnode classname="org.apache.slide.structure.SubjectNode"
uri="/files">
<permission action="all" subject="unauthenticated"
inheritable="true" negative="true"/>
<permission action="/actions/write" subject="owner"
inheritable="true"/>
<permission action="/actions/read-acl" subject="owner"
inheritable="true"/>
<permission action="/actions/write-acl" subject="owner"
inheritable="true"/>
<objectnode classname="org.apache.slide.structure.SubjectNode"
uri="/files/john">
<revision>
<property namespace="DAV:"
name="owner">john</property>
</revision>
</objectnode>
</objectnode>
Unfortunately, I still get a 403 when I try to PUT a file into the john
collection even though I'm authenticated as john and john is the owner
of the collection. Can anyone offer any clarification as to why this is
the behavior? I would also welcome alternative suggestions for an
easily maintainable solution to setting up "home" directories for users.
Thanks in advance.
-Jason
-----Original Message-----
From: Oliver Zeigermann [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 17, 2004 6:06 PM
To: Slide Users Mailing List
Subject: Re: write privileges for owner
Jason, the collections in users should not be used to store data.
These are not supposed to be the home directory of the specific user,
but are the representation of the user itself.
Oliver
On Wed, 17 Nov 2004 13:54:59 -0500, Jason McElravy
<[EMAIL PROTECTED]> wrote:
> I am hoping to get some clarification on a security configuration for
> slide. I want each user on my server to have write privileges in his
> "home" directory. To test this I tried to alter the default
domain.xml
> configuration so john could write to /slide/users/john. I tried
> granting /actions/write to subject owner on /users and set
> inheritable="true". Here is the snippet:
>
> <objectnode classname="org.apache.slide.structure.SubjectNode"
> uri="/users">
> <permission action="/actions/write" subject="owner"
> inheritable="true"/>
> <permission action="/actions/write-acl" subject="owner"
> inheritable="true"/>
> <permission action="/actions/read-acl" subject="owner"
> inheritable="true"/>
> <permission action="all" subject="unauthenticated"
> inheritable="true" negative="true"/>
>
> I set john as the owner of the john directory like this:
>
> <objectnode classname="org.apache.slide.structure.SubjectNode"
> uri="/users/john">
>
> <revision>
> <property namespace="http://jakarta.apache.org/slide/";
> name="password">john</property>
> <property namespace="DAV:"
name="owner">john</property>
> </revision>
> </objectnode>
>
> I am able to modify the properties of /users/john under this when
> authenticated as john using this configuration but I get a 403 when I
> try to PUT a file in that directory. It works if /actions/write is
> granted to /roles/user instead of owner for the /users uri but that
> doesn't meet my requirements. I want to avoid having to maintain
write
> permissions for each user to their home directory like this:
>
> <objectnode classname="org.apache.slide.structure.SubjectNode"
> uri="/users/john">
> <permission action="/actions/write" subject="/users/john"
> inheritable="true"/>
>
> What am I missing in regard to granting write permissions to the
owner
> of a resource? Thanks in advance for your help. I am using
> slide-server 2.1b2 and webdavclient 2.1b1.
>
> -Jason
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
