Hello. I have a cron script which has to send datas to slide. For security reasons, the areas this script has access to is restricted to a specific collection in slide. This collection is /webcontent/d2/s5/hepdo/ and the script has full rights access to that ressource. The script use the username 'cron' When i do a PUT in this collection to upload a new file, here is the message the script gets as result:
message Forbidden: Access denied on / by user /users/cron for action /actions/read description: Access to the specified resource (Forbidden: Access denied on / by user /users/cron for action /actions/read) has been forbidden. The tomcat console shows this output: http-8081-Processor4, 19-Apr-2005 14:18:51, cron, PUT, 403 "Forbidden", 13 ms, /webcontent/d2/s5/hepdo/megawinternights.gif Why should PUT need read access to /? If i want a user to have write access to /webcontent/d2/s5/hepdo/, does that mean i need to give him read access to /, /webcontent, /webcontent/d2, /webcontent/d2/s5 and /webcontent/d2/s5/hepdo ???? That look to me a bit cumbersome to manage ACLs in such a situation. Here, by default all is in acces forbidden (user: all, priviledge: all, grant: denied, inheritable: true at the root level) and subdirectories, when needed, get the allowance to be read/managed by one or more user groups). If i need to go to all collection an explicitly remove read access to this collection because i can not do it at parent level, where is the interest of acl inheritance? Can some body tell me how to have this script be allowed to do a PUT on that collection whitout having to change all my acl in the application? (an btw be forced to manage a huge more amount of ACLs) -- David Delbecq Royal Meteorological Institute of Belgium --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
