hello angela, thx for the explanation and the code example. :-) ferry
-----Ursprüngliche Nachricht----- Von: Angela Schreiber [mailto:anch...@adobe.com] Gesendet: Mittwoch, 09. Mai 2012 15:32 An: users@jackrabbit.apache.org Betreff: Re: AW: AW: remove read-access for everyone from a principal ACL based workspace hi ferry well... that config just defines what to do on the initialization of the provider. if the corresponding access control entry exists in a subsequent start it will not be removed. in order to get rid of the existing entry you have to remove it using the API. something like Principal everyone = principalMgr.getEveryone(); AccessControlPolicy[] plcs = jackrabbitAcMgr.getPolicies(everyone) AccessControlPolicy everyonePolicy = [select the desired policy] jackrabbitAcMgr.removePolicy(everyonePolicy); session.save(); > perhabs principalbased.ACLProvider does not support the ' > omit-default-permission' parameter? yes, i am pretty sure that the principalbased ac provider supports that option :) anyway, i think the removal of the existing policy was the missing piece. still leave the config option as otherwise the ace will be recreated upon startup. kind regards angela
