I defined the roles in domain.xml.  Not sure if I used the correct syntax
b/c the role is in LDAP (i.e. /roles/operator).  (I deleted my stores and
restarted so it would read the new config.)
I also added a few of the users under the roles to test.  For testing I
have an operator user and an operator role.  I am not sure if I added them
correctly b/c the users are within LDAP so not sure if they are supposed to
be /users/operator or something else?

When doing this I added a file using DAVExplorer, logged in as another user
and it had no restrictions on what I could do on it. So it did not work so
I must have missed or defined it wrong.   I checked the different
properties through DAVExplorer UI but it does not show anything about
roles?

Thanks for all your help so far so I understand this better.

I have included my domain.xml

<?xml version="1.0"?>
<slide>
    <property name="filespath">${org.apache.slide.webapp.rootpath}</property>

    <namespace name="slide">
        <definition>
            <store name="tx">
                <parameter name="tlock-timeout">120</parameter>
                <nodestore classname=
"org.apache.slide.store.txfile.TxXMLFileDescriptorsStore">
                    <parameter name="rootpath">
${filespath}../../../../../bin/store/metadata</parameter>
                    <parameter name="workpath">
${filespath}../../../../../bin/work/metadata</parameter>
                    <parameter name="defer-saving">true</parameter>
                    <parameter name="timeout">120</parameter>
                </nodestore>
                <sequencestore classname=
"org.apache.slide.store.txfile.FileSequenceStore">
                    <parameter name="rootpath">
${filespath}../../../../../bin/store/sequence</parameter>
                </sequencestore>
                <securitystore>
                    <reference store="nodestore"/>
                </securitystore>
                <lockstore>
                    <reference store="nodestore"/>
                </lockstore>
                <revisiondescriptorsstore>
                    <reference store="nodestore"/>
                </revisiondescriptorsstore>
                <revisiondescriptorstore>
                    <reference store="nodestore"/>
                </revisiondescriptorstore>
                <contentstore classname=
"org.apache.slide.store.txfile.TxFileContentStore">
                    <parameter name="rootpath">
${filespath}../../../../../bin/store/content</parameter>
                    <parameter name="workpath">
${filespath}../../../../../bin/work/content</parameter>
                    <parameter name="defer-saving">true</parameter>
                    <parameter name="timeout">120</parameter>
                </contentstore>

            </store>
                  <!-- Use a JNDIPrincipalStore to for users -->
                  <store name="users">
                        <nodestore classname=
"org.apache.slide.store.txjndi.JNDIPrincipalStore">
                              <!-- See javadoc for JNDIPrincipalStore for
description of parameters -->
                              <parameter name="cache.refresh.checkrate">15</parameter>
                              <parameter name="cache.refresh.rate">600</parameter>
                              <parameter name="cache.refresh.threshold">500</parameter>
                              <parameter name="jndi.container">ou=People,
dc= info, dc=org</parameter>
                              <parameter name="jndi.attributes.rdn">cn</parameter>
                              <parameter name="jndi.search.filter">
(objectClass=inetOrgPerson)</parameter>
                              <parameter name="jndi.search.scope">
SUBTREE_SCOPE</parameter>
                              <parameter name="jndi.search.attributes">
postalCode,initials,givenName,uid,mail,fullName,telephoneNumber,title,facsimileTelephoneNumber,groupMembership,l,sn,cn
</parameter>
                              <parameter name="java.naming.provider.url">
ldap://localhost:389</parameter>
                              <parameter name="java.naming.factory.initial"
>com.sun.jndi.ldap.LdapCtxFactory</parameter>
                              <parameter name=
"java.naming.security.principal">cn=root,dc=info,dc=org</parameter>
                              <parameter name=
"java.naming.security.authentication">simple</parameter>
                              <parameter name=
"java.naming.security.credentials">root</parameter>
                        </nodestore>
                        <securitystore>
                              <reference store="nodestore"/>
                        </securitystore>
                        <lockstore>
                              <reference store="nodestore"/>
                        </lockstore>
                        <revisiondescriptorsstore>
                              <reference store="nodestore"/>
                        </revisiondescriptorsstore>
                        <revisiondescriptorstore>
                              <reference store="nodestore"/>
                        </revisiondescriptorstore>
                        <contentstore>
                              <reference store="nodestore"/>
                        </contentstore>
                  </store>
                  <!-- Use a JNDIPrincipalStore for roles -->
                  <store name="roles">
                        <nodestore classname=
"org.apache.slide.store.txjndi.JNDIPrincipalStore">
                              <!-- See javadoc for JNDIPrincipalStore for
description of parameters -->
                              <parameter name="cache.refresh.checkrate">15</parameter>
                              <parameter name="cache.refresh.rate">600</parameter>
                              <parameter name="cache.refresh.threshold">500</parameter>
                              <parameter name="jndi.container">
ou=Roles,o=EastCoast,o=HQ,c=US,dc=info,dc=org</parameter>
                              <parameter name="jndi.attributes.rdn">cn</parameter>
                              <parameter name=
"jndi.attributes.groupmemberset">uniqueMember</parameter>
                              <parameter name="jndi.search.filter">
objectClass=groupOfUniqueNames</parameter>
                              <parameter name="jndi.search.scope">
SUBTREE_SCOPE</parameter>
                              <parameter name="jndi.search.attributes">cn</parameter>
                              <parameter name="java.naming.provider.url">
ldap://localhost:389</parameter>
                              <parameter name="java.naming.factory.initial"
>com.sun.jndi.ldap.LdapCtxFactory</parameter>
                              <parameter name=
"java.naming.security.principal">cn=root,dc=info,dc=org</parameter>
                              <parameter name=
"java.naming.security.authentication">simple</parameter>
                              <parameter name=
"java.naming.security.credentials">root</parameter>
                        </nodestore>
                        <securitystore>
                              <reference store="nodestore"/>
                        </securitystore>
                        <lockstore>
                              <reference store="nodestore"/>
                        </lockstore>
                        <revisiondescriptorsstore>
                              <reference store="nodestore"/>
                        </revisiondescriptorsstore>
                        <revisiondescriptorstore>
                              <reference store="nodestore"/>
                        </revisiondescriptorstore>
                        <contentstore>
                              <reference store="nodestore"/>
                        </contentstore>
                  </store>
                  <!-- Mount each store at the appropriate URI -->
                  <scope match="/" store="tx"/>
                  <scope match="/users" store="users"/>
                  <scope match="/roles" store="roles"/>
        </definition>
        <configuration>
            <!-- Actions mapping -->
            <read-object>/actions/read</read-object>
            <create-object>/actions/write</create-object>
            <remove-object>/actions/write</remove-object>
            <grant-permission>/actions/write-acl</grant-permission>
            <revoke-permission>/actions/write-acl</revoke-permission>
            <read-permissions>/actions/read-acl</read-permissions>
            <read-own-permissions>/actions/read-current-user-privilege-set</read-own-permissions>
            <lock-object>/actions/write</lock-object>
            <kill-lock>/actions/unlock</kill-lock>
            <read-locks>/actions/read</read-locks>
            <read-revision-metadata>/actions/read</read-revision-metadata>
            <create-revision-metadata>/actions/write-properties</create-revision-metadata>
            <modify-revision-metadata>/actions/write-properties</modify-revision-metadata>
            <remove-revision-metadata>/actions/write-properties</remove-revision-metadata>
            <read-revision-content>/actions/read</read-revision-content>
            <create-revision-content>/actions/write-content</create-revision-content>
            <modify-revision-content>/actions/write-content</modify-revision-content>
            <remove-revision-content>/actions/write-content</remove-revision-content>
            <bind-member>/actions/bind</bind-member>
            <unbind-member>/actions/unbind</unbind-member>
            <!-- Paths configuration -->
            <userspath>/users</userspath>
            <rolespath>/roles</rolespath>
            <actionspath>/actions</actionspath>
            <filespath>/files</filespath>
            <parameter name="dav">true</parameter>
            <parameter name="standalone">true</parameter>
            <parameter name="acl_inheritance_type">path</parameter>
            <!-- Nested roles: 0 means no nesting (default), 1 means one
sublevel, etc. -->
            <parameter name="nested_roles_maxdepth">0</parameter>
            <!-- Can be "off", "write" and "full" -->
            <parameter name="sequential-mode">full</parameter>
            <!-- "false" lets all read-only methods be executed outside of
transactions -->
            <parameter name="all-methods-in-transactions">true</parameter>
            <!-- Setting this to true will force Slide to internally
convert the username a user
                 enters at login to lowercase. This is useful for users who
can't be bothered
                 with turning off their capslock key before logging in. -->
            <parameter name="force-lowercase-login">false</parameter>
        </configuration>
        <data>
            <objectnode classname="org.apache.slide.structure.SubjectNode"
uri="/">
                <!-- Subject can be:
                any user             "all"
                authenticated user   "authenticated"
                unauthenticated user "unauthenticated"
                self                 "self"
                owner of resource    "owner"
                a user               "/users/john"
                a role               "/roles/admin"
                -->
                <permission action="/actions/read-acl" subject="all"
inheritable="true" negative="true"/>
                <permission action="/actions/write-acl" subject="all"
inheritable="true" negative="true"/>
                <permission action="/actions/unlock" subject="all"
inheritable="true" negative="true"/>
                <permission action="/actions/read" subject="all"
inheritable="true"/>
                <!-- /users -->
                        <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/users">
                              <permission action="all" subject="self"
inheritable="true"/>
                              <permission action="all" subject=
"authenticated" inheritable="true" negative="true"/>
                        </objectnode>
                        <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/roles">
                              <permission action="all" subject="self"
inheritable="true"/>
                              <permission action="all" subject=
"authenticated" inheritable="true" negative="true"/>
                    <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/roles/operator">
                        <revision>
                            <property name="group-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/users/operator</D:href>]]></property>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/roles/operatorUS">
                        <revision>
                            <property name="group-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/users/operatorUS</D:href>]]></property>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/roles/lawenforcement">
                        <revision>
                            <property name="group-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/users/lawenforcement</D:href>]]></property>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/roles/lawenforcementUS">
                        <revision>
                            <property name="group-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/users/lawenforcementUS</D:href>]]></property>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/roles/analyst">
                        <revision>
                            <property name="group-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/users/analyst</D:href>]]></property>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/roles/admin">
                        <revision>
                            <property name="group-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/users/admin</D:href>]]></property>
                        </revision>
                    </objectnode>
                        </objectnode>
                <!-- action -->
                <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions">
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/read">
                        <revision>
                            <property name="privilege-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/actions/read-acl</D:href> <D:href
xmlns:D='DAV:'>/actions/read-current-user-privilege-set</D:href>]]></property>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/read-acl">
                        <revision>
                            <property name="privilege-member-set"/>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri=
"/actions/read-current-user-privilege-set">
                        <revision>
                            <property name="privilege-member-set"/>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/write">
                        <revision>
                            <property name="privilege-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/actions/write-acl</D:href> <D:href
xmlns:D='DAV:'>/actions/write-properties</D:href> <D:href
xmlns:D='DAV:'>/actions/write-content</D:href>]]></property>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/write-acl">
                        <revision>
                            <property name="privilege-member-set"/>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/write-properties">
                        <revision>
                            <property name="privilege-member-set"/>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/write-content">
                        <revision>
                            <property name="privilege-member-set"><![CDATA[
<D:href xmlns:D='DAV:'>/actions/bind</D:href> <D:href
xmlns:D='DAV:'>/actions/unbind</D:href>]]></property>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/bind">
                        <revision>
                            <property name="privilege-member-set"/>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/unbind">
                        <revision>
                            <property name="privilege-member-set"/>
                        </revision>
                    </objectnode>
                    <objectnode classname=
"org.apache.slide.structure.ActionNode" uri="/actions/unlock">
                        <revision>
                            <property name="privilege-member-set"/>
                        </revision>
                    </objectnode>
                </objectnode>
                <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/files">
                    <permission action="all" subject="authenticated"
inheritable="true"/>
                    <permission action="/actions/write" subject=
"authenticated" inheritable="true"/>
                    <permission action="/actions/read-acl" subject="owner"
inheritable="true"/>
                </objectnode>
                <!-- DeltaV: default history and workspace paths -->
                <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/history">
                    <permission action="all" subject="authenticated"
inheritable="true"/>
                    <permission action="/actions/write" subject=
"authenticated" inheritable="true"/>
                    <permission action="/actions/read-acl" subject="owner"
inheritable="true"/>
                </objectnode>
                <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/workspace">
                    <permission action="all" subject="authenticated"
inheritable="true"/>
                    <permission action="/actions/write" subject=
"authenticated" inheritable="true"/>
                    <permission action="/actions/read-acl" subject="owner"
inheritable="true"/>
                </objectnode>
                <objectnode classname=
"org.apache.slide.structure.SubjectNode" uri="/workingresource">
                    <permission action="all" subject="authenticated"
inheritable="true"/>
                    <permission action="/actions/write" subject=
"authenticated" inheritable="true"/>
                    <permission action="/actions/read-acl" subject="owner"
inheritable="true"/>
                </objectnode>
            </objectnode>
        </data>
    </namespace>

    <parameter name="historypath">/history</parameter>
    <parameter name="workspacepath">/workspace</parameter>
    <parameter name="workingresourcepath">/workingresource</parameter>
    <parameter name="auto-version">checkout-checkin</parameter>
    <parameter name="auto-version-control">true</parameter>
    <parameter name="versioncontrol-exclude"/>
    <parameter name="checkout-fork">forbidden</parameter>
    <parameter name="checkin-fork">forbidden</parameter>
    <parameter name="allow-delete-of-versions">false</parameter>

    <!-- Event configuration -->
    <events>
        <event classname="org.apache.slide.webdav.event.WebdavEvent" enable
="true" />
        <event classname="org.apache.slide.event.ContentEvent" enable=
"true" />
        <event classname="org.apache.slide.event.ContentEvent" method=
"retrieve" enable="false" />
        <event classname="org.apache.slide.event.EventCollection" enable=
"true" />
        <event classname="org.apache.slide.event.TransactionEvent" enable=
"true" />

        <event classname="org.apache.slide.event.MacroEvent" enable="true"
/>

        <!--listener classname="org.apache.slide.util.event.EventLogger"
/-->
        <listener classname="org.apache.slide.event.VetoableEventCollector"
/>
        <listener classname=
"org.apache.slide.event.TransientEventCollector" />
        <listener classname=
"org.apache.slide.webdav.event.NotificationTrigger">
            <configuration>
                <notification include-events="false" />
                <persist-subscriptions filename="subscriptions.xml" />
            </configuration>
        </listener>
        <listener classname=
"org.apache.slide.extractor.PropertyExtractorTrigger" />
        <listener classname="org.apache.slide.search.IndexTrigger">
            <configuration>
                <indexer classname="org.apache.slide.search.LoggingIndexer"
synchronous="false" uri="/files/articles" />
            </configuration>
        </listener>

        <listener classname="org.apache.slide.macro.MacroPropertyUpdater">
          <!-- Listener that updates some properties if resources are
               copied or moved.  This requires MacroEvents enabled (at
               least methods copy and move) -->
          <configuration>
            <update-displayname>true</update-displayname>
            <update-owner-on-move>false</update-owner-on-move>
            <update-owner-on-copy>true</update-owner-on-copy>
          </configuration>
        </listener>
    </events>
</slide>
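
An added example, not part of the original post or of the Slide project: a static check over the `<data>` section of a domain.xml that lists roles defined under /roles but never named as a permission subject, and non-negative write-type grants to "all" or "authenticated". The sample document is constructed (trimmed from the shape of the config above, with a hypothetical /files/reports node added for contrast); the function name and the set of actions treated as write-type are assumptions, and the check does not reproduce Slide's own permission evaluation.

```python
import xml.etree.ElementTree as ET

# Constructed sample, modelled on the <data> section posted above.
# /files/reports and its permission are hypothetical, added for contrast.
SAMPLE = """<slide><namespace name="slide"><data>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/">
  <permission action="/actions/write-acl" subject="all" inheritable="true" negative="true"/>
  <permission action="/actions/read" subject="all" inheritable="true"/>
  <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles">
    <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/operator"/>
    <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/admin"/>
  </objectnode>
  <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/files">
    <permission action="all" subject="authenticated" inheritable="true"/>
    <permission action="/actions/write" subject="authenticated" inheritable="true"/>
    <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/files/reports">
      <permission action="/actions/write" subject="/roles/admin" inheritable="true"/>
    </objectnode>
  </objectnode>
</objectnode>
</data></namespace></slide>"""

# Subjects that match every (authenticated) user rather than a named principal.
GENERIC_SUBJECTS = {"all", "authenticated"}

# Assumption: actions treated as write-type for this audit.
WRITE_ACTIONS = {
    "all",
    "/actions/write",
    "/actions/write-content",
    "/actions/write-properties",
    "/actions/write-acl",
    "/actions/bind",
    "/actions/unbind",
}


def audit_domain(xml_text, roles_path="/roles"):
    """Return roles that no permission refers to, and broad write-type grants."""
    root = ET.fromstring(xml_text)
    defined_roles = set()
    subjects_used = set()
    broad_grants = []

    for node in root.iter("objectnode"):
        uri = node.get("uri", "")
        if uri.startswith(roles_path + "/"):
            defined_roles.add(uri)
        # findall() only returns direct children, so each permission is
        # attributed to the node it is declared on.
        for perm in node.findall("permission"):
            subject = perm.get("subject", "")
            action = perm.get("action", "")
            negative = perm.get("negative", "false").lower() == "true"
            subjects_used.add(subject)
            if (not negative and subject in GENERIC_SUBJECTS
                    and action in WRITE_ACTIONS):
                broad_grants.append((uri, action, subject))

    return {
        "unreferenced_roles": sorted(defined_roles - subjects_used),
        "broad_grants": broad_grants,
    }


if __name__ == "__main__":
    report = audit_domain(SAMPLE)
    for role in report["unreferenced_roles"]:
        print("role defined but never used as a permission subject:", role)
    for uri, action, subject in report["broad_grants"]:
        print("broad grant on %s: action=%s subject=%s" % (uri, action, subject))
```
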




From: "Burnside, Phillip (UK - Glasgow)" <phillipburnside@deloitte.co.uk>
To: "Slide Users Mailing List" <slide-user@jakarta.apache.org>
cc:
Date: 07/21/2005 12:33 PM
Subject: RE: acl question
Please respond to: "Slide Users Mailing List" <[EMAIL PROTECTED]ta.apache.org>




Kevin,

Roles & LDAP
Yep, you need to define the roles within SLIDE. They need to match your
LDAP roles otherwise there is no context for SLIDE to base itself on.

Roles & Users & Domain.XML
Absolutely right - Domain.XML is only used to initialise. What you see with
the base examples are the user defs for that role. I haven't had to do any
dynamic changing of the roles but I suspect that if you carry the role
through from the LDAP environment you may not have to do this dynamic
change at all. The user is associated with the role. The role is associated
with the permissions. I haven't tested this but that would be my gut feel.
Others may be able to answer this for you/us.

Dynamically associating roles.
Again I haven't had to do this, but since the permissions are properties of
the folder I would think a simple call to change/add/remove the role from
the property should sort that out. If you can't do it directly through a
WebDAV call then grab the XML and do it through that.

Hth
Phil

             -----Original Message-----
             From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
             Sent: Thu 21/07/2005 17:23
             To: Slide Users Mailing List
             Cc:
             Subject: RE: acl question



             I think you are right.  I have not defined any roles within Slide.  It
             sounds like the roles in Slide need to match the roles in LDAP.  In looking
             at the /roles in domain.xml do you need to define each user in the role
             like the following?  I could have a few thousand users that keep getting
             added as the project moves forward.

               <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/user">
                  <revision>
                     <property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/john</D:href><D:href xmlns:D='DAV:'>/users/john2</D:href><D:href xmlns:D='DAV:'>/users/root</D:href><D:href xmlns:D='DAV:'>/users/projector</D:href>]]></property>
                  </revision>
               </objectnode>

             I am uploading files (putmethod) and creating directories (mkcol) with my
             application, how do I dynamically add directories with roles like in the
             domain.xml b/c I think the domain.xml is only used at init?

             For each file I put on the server it creates a file/directory structure
             something like this:
             xx/yy/zz/xx_yy_zz_state.jpg
             xx/yy/zz/THUMBNAIL/xx_yy_zz_state.jpg





             From: "Burnside, Phillip (UK - Glasgow)" <phillipburnside@deloitte.co.uk>
             To: "Slide Users Mailing List" <slide-user@jakarta.apache.org>
             cc:
             Date: 07/21/2005 03:59 AM
             Subject: RE: acl question
             Please respond to: "Slide Users Mailing List" <[EMAIL PROTECTED]ta.apache.org>









             Kevin,

             Without seeing the entire Domain.XML I'm guessing a bit, but I would
             suspect that you haven't defined the specific role permissions on the
             store.

             Although you have defined the roles in JNDI you haven't defined them in
             SLIDE nor have you set specific permissions for them on the store.

             I have included a code snippet to show you what I mean. In the snippet I
             have previously defined a role '/roles/data1' and now exclude it from the
             folder 'marketing'. This blocks any user with the role from writing to the
             'marketing' folder or any sub-folders. I then explicitly allow
             '/users/user3' permission to write to '/marketing/gadgets'.

             Hth
             Phil

             <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/">
                 <!-- Subject can be:
                 any user             "all"
                 authenticated user   "authenticated"
                 unauthenticated user "unauthenticated"
                 self                 "self"
                 owner of resource    "owner"
                 a user               "/users/john"
                 a role               "/roles/admin"
                 -->
                 <permission action="/actions/read-acl" subject="all" inheritable="true"/>
                 <permission action="/actions/write-acl" subject="all" inheritable="true"/>
                 <permission action="/actions/unlock" subject="all" inheritable="true"/>
                 <permission action="/actions/read" subject="all" inheritable="true"/>
                 <permission action="/actions/write" subject="/roles/data1" inheritable="true"/>
                 <permission action="/actions/bind" subject="/roles/data1" inheritable="true"/>
                 <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/marketing">
                     <permission action="/actions/write" subject="/roles/data1" inheritable="true" negative="true"/>
                     <permission action="/actions/bind" subject="/roles/data1" inheritable="true"/>
                     <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/marketing/widgets">
                         <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
                     </objectnode>
                     <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/marketing/gadgets">
                         <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
                         <permission action="/actions/write" subject="/users/user3" inheritable="true"/>
                         <permission action="/actions/bind" subject="/users/user3" inheritable="true"/>
                     </objectnode>
                 </objectnode>
                 <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/accounts">
                     <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/accounts/p_and_l">
                         <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
                         <permission action="/actions/write" subject="/roles/data1" inheritable="true" negative="true"/>
                         <permission action="/actions/bind" subject="/roles/data1" inheritable="true"/>
                     </objectnode>
                     <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/accounts/balance">
                         <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
                     </objectnode>
                 </objectnode>
             </objectnode>








                          -----Original Message-----
                          From: [EMAIL PROTECTED]
             [mailto:[EMAIL PROTECTED]
                          Sent: Thu 21/07/2005 00:19
                          To: Slide Users Mailing List
                          Cc:
                          Subject: acl question



                          In my domain.xml I have set up permission such that under "/" all can
                          read-acl, write-acl, unlock and read (the default)

                            <permission action="/actions/read-acl" subject="all" inheritable="true" negative="true"/>
                            <permission action="/actions/write-acl" subject="all" inheritable="true" negative="true"/>
                            <permission action="/actions/unlock" subject="all" inheritable="true" negative="true"/>
                            <permission action="/actions/read" subject="all" inheritable="true"/>

                          Under "/files" I have set up permission such that anyone authenticated can
                          do anything, write if authenticated (although redundant I think),
                          and the owner can read-acl (also redundant?)

                            <permission action="all" subject="authenticated" inheritable="true"/>
                            <permission action="/actions/write" subject="authenticated" inheritable="true"/>
                            <permission action="/actions/read-acl" subject="owner" inheritable="true"/>

                          I am using the JNDIPrincipalStore for user and roles so this is all I have
                          in the domain.xml (default from the JNDI example):

                            <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users">
                                <permission action="all" subject="self" inheritable="true"/>
                                <permission action="all" subject="authenticated" inheritable="true" negative="true"/>
                            </objectnode>
                            <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles">
                                <permission action="all" subject="self" inheritable="true"/>
                                <permission action="all" subject="authenticated" inheritable="true" negative="true"/>
                            </objectnode>

                          User A authenticates and writes file X to the WebDAV server.

                          User B authenticates and changes the contents of file X on the server.

                          The problem is that user A and user B belong to different roles and
                          should not be able to do this.

                          How or where do I define this restriction?

                          Thanks




---------------------------------------------------------------------
                          To unsubscribe, e-mail: [EMAIL PROTECTED]
                          For additional commands, e-mail: [EMAIL PROTECTED]



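An added example, not part of the original thread and not Slide code: a small Python audit of the permissions quoted in the thread. It lists positive grants of write-capable actions to the broad subjects `all` or `authenticated`, and separately the role-scoped rules on each node. The sample XML is constructed from the thread's snippets inside a hypothetical `<fragment>` root, and the function names are this example's own.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the /files and /accounts/p_and_l permissions quoted in the
# thread, wrapped in a hypothetical <fragment> root so the snippet parses alone.
SAMPLE = """<fragment>
 <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/files">
  <permission action="all" subject="authenticated" inheritable="true"/>
  <permission action="/actions/write" subject="authenticated" inheritable="true"/>
  <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
 </objectnode>
 <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/accounts">
  <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/accounts/p_and_l">
   <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
   <permission action="/actions/write" subject="/roles/data1" inheritable="true" negative="true"/>
   <permission action="/actions/bind" subject="/roles/data1" inheritable="true"/>
  </objectnode>
 </objectnode>
</fragment>"""

BROAD_SUBJECTS = {"all", "authenticated"}   # subjects that ignore role membership
WRITE_ACTIONS = {"all", "/actions/write"}   # actions that let a user change content

def _permissions(xml_text):
    """Yield (uri, action, subject, negative) for each permission on each objectnode."""
    for node in ET.fromstring(xml_text).iter("objectnode"):
        for perm in node.findall("permission"):  # direct children only
            negative = perm.get("negative", "false").lower() == "true"
            yield node.get("uri"), perm.get("action"), perm.get("subject"), negative

def broad_write_grants(xml_text):
    """Positive grants of a write-capable action to a non-role subject."""
    return [(uri, action, subject)
            for uri, action, subject, negative in _permissions(xml_text)
            if not negative and subject in BROAD_SUBJECTS and action in WRITE_ACTIONS]

def role_rules(xml_text):
    """Map uri -> [(action, role, 'grant' or 'deny')] for subjects under /roles/."""
    rules = {}
    for uri, action, subject, negative in _permissions(xml_text):
        if (subject or "").startswith("/roles/"):
            rules.setdefault(uri, []).append(
                (action, subject, "deny" if negative else "grant"))
    return rules

if __name__ == "__main__":
    for finding in broad_write_grants(SAMPLE):
        print("broad write grant:", finding)
    print("role-scoped rules:", role_rules(SAMPLE))
```

On the sample it reports both `authenticated` grants on `/files` and no role-scoped rule there, which matches the behaviour described in the thread, where user B could change user A's file.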