Hello Nicolas, Your intent is possible. I can't find anything wrong with your configuration, so I would recommend going to the Slide's web.xml and set the property directory-browsing-hide-acl set to false. That might help you debugging the permissions you are really setting.
Hope this helps, Miguel Figueiredo -----Original Message----- From: Nicolas Duperré [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 25 de Novembro de 2005 20:37 To: slide-user@jakarta.apache.org Subject: Permission... Help me please Let's say user Bob has two roles "users" and "powerUsers". How can Bob be able to read/write "/public" AND "/public/power" while Alice with only the role "Users" be able to read only "/public" AND NOT "/public/power" I have tried the following config but Bob cannot read "/public/power : <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/users"> <revision> <property name="group-member-set"><![CDATA[ <D:href xmlns:D='DAV:'>/users/Bob</D:href> <D:href xmlns:D='DAV:'>/users/Alice</D:href> </property> </revision> </objectnode> <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/powerUsers"> <revision> <property name="group-member-set"><![CDATA[ <D:href xmlns:D='DAV:'>/users/Bob</D:href> </property> </revision> </objectnode> <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/public"> <permission action="/actions/read" subject="/roles/Users" inheritable="false"/> <permission action="/actions/read" subject="/roles/PowerUsers" inheritable="true"/> <permission action="/actions/write" subject="/roles/PowerUsers" inheritable="true"/> <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/public/power"> <permission action="/actions/read" subject="/roles/Users" inheritable="true" negative="true"/> <permission action="/actions/read" subject="/roles/PowerUsers" inheritable="true"/> <permission action="/actions/write" subject="/roles/PowerUsers" inheritable="true"/> </objectnode> </objectnode> Can this be done ? Am I missing something ? Thank you very much --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]