hi ferry well... that config just defines what to do on the initialization of the provider. if the corresponding access control entry exists in a subsequent start it will not be removed.
in order to get rid of the existing entry you have to remove it using the API. something like Principal everyone = principalMgr.getEveryone(); AccessControlPolicy[] plcs = jackrabbitAcMgr.getPolicies(everyone) AccessControlPolicy everyonePolicy = [select the desired policy] jackrabbitAcMgr.removePolicy(everyonePolicy); session.save();
perhabs principalbased.ACLProvider does not support the ' omit-default-permission' parameter?
yes, i am pretty sure that the principalbased ac provider supports that option :) anyway, i think the removal of the existing policy was the missing piece. still leave the config option as otherwise the ace will be recreated upon startup. kind regards angela
