Karolis Mackevicius wrote > Hi, > > I am trying to implement > org.apache.sling.resourceaccesssecurity.ResourceAccessGate component > (dependency version 1.0.0), with following properties: > > * access.context=application > * operations=read > * path=/content/dam/.* > > @Component(property = > {"access.context=application","operations=read","path=/content/dam/.*"}, > service = ResourceAccessGate.class) > > Once I deploy it, everything under all other paths (that are not > /content/dam) or other operations (create,update,delete,execute) is not > accessible anymore. > > Currently as a workaround I have created another ResourceAccessGate > component with no path and for all operations, which I originally don't > want to check. > > Q: is this expected behavior?
Hi, unfortunately, yes, this is the expected behaviour. If there is no application ResourceAccessGate no check at all is performed at this level. However as soon as there is at least one, then there needs to be ResourceAccessGate that grants operations. So registering such an application level gate basically denies everything except granted by this gate. It's a little bit uncommon but that's how it was designed :) Regards Carsten > > Best Regards, > > Karolis > -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org