You can probably still write to /files/girish because there is inheritable write access to all users in the /file collection. Set a negative right for them in /files/girish...
For a reference how security is supposed to work have a look at http://www.greenbytes.de/tech/webdav/rfc3744.html Oliver On Sat, 23 Oct 2004 15:01:23 +0530, Girish Nagaraj <[EMAIL PROTECTED]> wrote: > I am trying to setup a collection and it's child collection to have > different authentication. For achieving this, I edited the domain.xml > as below > > <objectnode classname="org.apache.slide.structure.SubjectNode" > uri="/files/girish"> > <permission action="all" subject="/user/gn" inheritable="true"/> > <permission action="/actions/write" subject="/user/john" > inheritable="true"/> > <permission action="/actions/read-acl" subject="/user/john" > inheritable="true"/> > </objectnode> > > Where "gn" was a user I defined in the domain.xml > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/gn"> > <revision> > <property namespace="http://jakarta.apache.org/slide/"; > name="password">gn</property> > </revision> > </objectnode> > > With this setup, I can't login with gn/gn nor does using john2/john2 > prevents me from creating a subfolder under /files/girish. > > Is it possible to setup authenication so that "writing" to certain > folders are allowed to only the specified users? If so, what am I > missing in the above example? > > Also, is it possible to make the app. server to prompt the user when a > different user is required. For example: If the user has logged in as > 'guest', can I somehow make tomcat/slide bring up the login dialog if > the user tries to create a folder under "/files/girish" ? > > I have gone through the archive but did not find anything obvious > which I could try. > > Thanks, > Girish > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
