To be more precise, I want to start using org.apache.slide.security=false and not take advantage of the built-in slide ACL and instead use enterprise JAAS for authentication/authorization in a coarse-grain sense. This should also work around the performance hit regarding using ACL's (and, for my scenarios, coarse-grain security is all that is needed, not fine-grain ACLs).
Does anyone have more information regarding moving towards non-ACL/JAAS-only Slide install/implementations? -D > -----Original Message----- > From: Darren Hartford [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 19, 2006 11:43 AM > To: Slide Users Mailing List > Subject: Webdav methods - which are allowable/required for read-only? > > Hey all, > I'm looking at the web.xml for slide, and want to separate > the <security-constraints> into a search/read-only role and > an admin role. > > > For admin, it's easy: > ============================= > <web-resource-collection> > <web-resource-name>Admin DAV resource</web-resource-name> > <url-pattern>/*</url-pattern> > <http-method>COPY</http-method> > <http-method>DELETE</http-method> > <http-method>GET</http-method> > <http-method>HEAD</http-method> > <http-method>LOCK</http-method> > <http-method>MKCOL</http-method> > <http-method>MOVE</http-method> > <http-method>OPTIONS</http-method> > <http-method>POST</http-method> > <http-method>PROPFIND</http-method> > <http-method>PROPPATCH</http-method> > <http-method>PUT</http-method> > <http-method>UNLOCK</http-method> > <http-method>VERSION-CONTROL</http-method> > <http-method>REPORT</http-method> > <http-method>CHECKIN</http-method> > <http-method>CHECKOUT</http-method> > <http-method>UNCHECKOUT</http-method> > <http-method>MKWORKSPACE</http-method> > <http-method>UPDATE</http-method> > <http-method>LABEL</http-method> > <http-method>MERGE</http-method> > <http-method>BASELINE-CONTROL</http-method> > <http-method>MKACTIVITY</http-method> > <http-method>ACL</http-method> > <http-method>SEARCH</http-method> > <http-method>BIND</http-method> > <http-method>UNBIND</http-method> > <http-method>REBIND</http-method> > <http-method>SUBSCRIBE</http-method> > <http-method>UNSUBSCRIBE</http-method> > <http-method>POLL</http-method> > <http-method>NOTIFY</http-method> > </web-resource-collection> > =============================== > > > For a search/read-only type of WebDAV role, what should be > added/removed from below? > ============================== > <web-resource-collection> > <web-resource-name>Search and Browse DAV > resource</web-resource-name> > <url-pattern>/*</url-pattern> > <http-method>GET</http-method> > <http-method>HEAD</http-method> > <http-method>LOCK</http-method> > <http-method>OPTIONS</http-method> > <http-method>POST</http-method> > <http-method>PROPFIND</http-method> > <http-method>UNLOCK</http-method> > <http-method>VERSION-CONTROL</http-method> > <http-method>REPORT</http-method> > <http-method>LABEL</http-method> > <http-method>BASELINE-CONTROL</http-method> > <http-method>MKACTIVITY</http-method> > <http-method>ACL</http-method> > <http-method>SEARCH</http-method> > <http-method>BIND</http-method> > <http-method>UNBIND</http-method> > <http-method>REBIND</http-method> > <http-method>SUBSCRIBE</http-method> > <http-method>UNSUBSCRIBE</http-method> > <http-method>POLL</http-method> > <http-method>NOTIFY</http-method> > </web-resource-collection> > ==================== > > > Thanks, > -D > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
