Hi Robert,
On Jan 4, 2007, at 12:46 , Robert Gacki wrote:
<snip>
When I visit the page as a anonymous user (not authenticated, user and
userID are null?!), I still can see all contents of "/secured".
I assume you're talking about a "public" instance of Magnolia ? (as
opposed to the author instance)
Even the
Read-permission is granted, so I started wondering about this
anonymous user
and your security concept at all. Can somebody please explain, how
security
can be applied without touching Config->/server/secureURIList ? Why
is there
no anonymous user when not being authenticated to the Magnolia system?
If it is indeed a public instance, this could be a bug in the system,
because there *should* be an anonymous user. In that case, please
report on jira (http://jira.magnolia.info) with all necessary info to
reproduce the problem systematically, making it easier (i.e faster)
for us to fix it. We'll also gladly accept patches, obviously ;)
thanks !
greg
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
