People,
I have the slide configuration in the end of email.
I had integrated with AD. User authentication works fine. But
authorization no.
My users do not have access to PUT files in the repository. They only
can GET files.
Any suggestion to solve my problem?
Thanks
<slide logger="org.jboss.portal.cms.slide.Log4JLogger">
<namespace name="slide">
<definition>
<store name="j2ee">
<nodestore
classname="org.apache.slide.store.impl.rdbms.J2EEStore">
<parameter name="datasource">SlideDS</parameter>
<parameter
name="adapter">org.apache.slide.store.impl.rdbms.PostgresRDBMSAdapter</parameter>
<parameter name="compress">false</parameter>
</nodestore>
<securitystore>
<reference store="nodestore"/>
</securitystore>
<lockstore>
<reference store="nodestore"/>
</lockstore>
<revisiondescriptorsstore>
<reference store="nodestore"/>
</revisiondescriptorsstore>
<revisiondescriptorstore>
<reference store="nodestore"/>
</revisiondescriptorstore>
<contentstore>
<reference store="nodestore"/>
</contentstore>
</store>
<scope match="/" store="j2ee"/>
<store name="users">
<nodestore
classname="org.apache.slide.store.txjndi.JNDIPrincipalStore">
<parameter
name="jndi.container">dc=sjes,dc=gov,dc=br</parameter>
<parameter
name="jndi.attributes.rdn">cn</parameter>
<parameter
name="jndi.attributes.userprincipalname">sAMAccountName</parameter>
<parameter
name="jndi.search.filter"><![CDATA[(&(objectClass=user)(|(sAMAccountName=jes*)(cn=intranet)))]]></parameter>
<parameter
name="jndi.search.scope">SUBTREE_SCOPE</parameter>
<parameter
name="jndi.search.attributes"></parameter>
<parameter
name="java.naming.provider.url">ldap://sjes.gov.br:389</parameter>
<parameter
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</parameter>
<parameter
name="java.naming.security.principal">cn=intranet,ou=Servicos,dc=sjes,dc=gov,dc=br</parameter>
<parameter
name="java.naming.security.authentication">simple</parameter>
<parameter
name="java.naming.security.credentials">****</parameter>
<parameter
name="cache.refresh.checkrate">15</parameter>
<parameter
name="cache.refresh.rate">800</parameter>
<parameter
name="cache.refresh.threshold">15000</parameter>
</nodestore>
<securitystore
classname="org.apache.slide.store.impl.rdbms.J2EEStore">
<parameter name="datasource">SlideDS</parameter>
<parameter
name="adapter">org.apache.slide.store.impl.rdbms.PostgresRDBMSAdapter</parameter>
<parameter name="compress">false</parameter>
</securitystore>
<lockstore>
<reference store="securitystore"/>
</lockstore>
<revisiondescriptorsstore>
<reference store="nodestore"/>
</revisiondescriptorsstore>
<revisiondescriptorstore>
<reference store="nodestore"/>
</revisiondescriptorstore>
<contentstore>
<reference store="nodestore"/>
</contentstore>
</store>
<scope match="/users" store="users"/>
<store name="roles">
<nodestore
classname="org.apache.slide.store.txjndi.JNDIPrincipalStore">
<parameter
name="jndi.container">dc=sjes,dc=gov,dc=br</parameter>
<parameter
name="jndi.attributes.rdn">cn</parameter>
<parameter
name="jndi.search.filter">(objectClass=group)</parameter>
<parameter
name="jndi.search.scope">SUBTREE_SCOPE</parameter>
<parameter
name="jndi.search.attributes"></parameter>
<parameter
name="java.naming.provider.url">ldap://sjes.gov.br:389</parameter>
<parameter
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</parameter>
<parameter
name="java.naming.security.principal">cn=intranet,ou=Servicos,dc=sjes,dc=gov,dc=br</parameter>
<parameter
name="java.naming.security.authentication">simple</parameter>
<parameter
name="java.naming.security.credentials">****</parameter>
<parameter
name="java.naming.referral">follow</parameter>
<parameter
name="cache.refresh.checkrate">15</parameter>
<parameter
name="cache.refresh.rate">800</parameter>
<parameter
name="cache.refresh.threshold">15000</parameter>
</nodestore>
<securitystore
classname="org.jboss.portal.cms.slide.store.hibernate.HibernateStore">
<parameter
name="hibernate.connection.datasource">java:/SlideDS</parameter>
<parameter
name="hibernate.connection.isolation">2</parameter>
<parameter
name="hibernate.jdbc.batch_size">0</parameter>
<parameter
name="hibernate.hbm2ddl.auto">update</parameter>
<parameter
name="hibernate.cache.provider_class">org.hibernate.cache.HashtableCacheProvider</parameter>
<parameter name="comp ress">false</parameter>
<parameter
name="rootpath">roles/store/metadata</parameter>
<parameter
name="workpath">roles/work/metadata</parameter>
</securitystore>
<lockstore>
<reference store="securitystore"/>
</lockstore>
<revisiondescriptorsstore>
<reference store="nodestore"/>
</revisiondescriptorsstore>
<revisiondescriptorstore>
<reference store="nodestore"/>
</revisiondescriptorstore>
<contentstore>
<reference store="nodestore"/>
</contentstore>
</store>
<scope match="/roles" store="roles"/>
</definition>
<configuration>
<read-object>/actions/read</read-object>
<create-object>/actions/write</create-object>
<remove-object>/actions/write</remove-object>
<grant-permission>/actions/write-acl</grant-permission>
<revoke-permission>/actions/write-acl</revoke-permission>
<read-permissions>/actions/read-acl</read-permissions>
<read-own-permissions>/actions/read-current-user-privilege-set</read-own-permissions>
<lock-object>/actions/write</lock-object>
<kill-lock>/actions/unlock</kill-lock>
<read-locks>/actions/read</read-locks>
<read-revision-metadata>/actions/read</read-revision-metadata>
<create-revision-metadata>/actions/write-properties</create-revision-metadata>
<modify-revision-metadata>/actions/write-properties</modify-revision-metadata>
<remove-revision-metadata>/actions/write-properties</remove-revision-metadata>
<read-revision-content>/actions/read</read-revision-content>
<create-revision-content>/actions/write-content</create-revision-content>
<modify-revision-content>/actions/write-content</modify-revision-content>
<remove-revision-content>/actions/write-content</remove-revision-content>
<bind-member>/actions/bind</bind-member>
<unbind-member>/actions/unbind</unbind-member>
<userspath>/users</userspath>
<rolespath>/roles</rolespath>
<actionspath>/actions</actionspath>
<filespath>/files</filespath>
<parameter name="dav">true</parameter>
<parameter name="standalone">true</parameter>
<parameter name="acl_inheritance_type">path</parameter>
<parameter name="nested_roles_maxdepth">0</parameter>
<parameter name="sequential-mode">full</parameter>
<parameter
name="all-methods-in-transactions">true</parameter>
<parameter
name="force-lowercase-login">false</parameter>
<auto-create-users>true</auto-create-users>
</configuration>
<data>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/">
<permission action="all" subject="/roles/root"
inheritable="true"/>
<permission action="all"
subject="/roles/desenvolvedores_intranet" inheritable="true"/>
<permission action="/actions/read-acl"
subject="all" inheritable="true" negative="true"/>
<permission action="/actions/write-acl"
subject="all" inheritable="true" negative="true"/>
<permission action="/actions/unlock"
subject="all" inheritable="true" negative="true"/>
<permission action="/actions/read" subject="all"
inheritable="true"/>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/users">
<!--<permission action="all" subject="self"
inheritable="true"/>
<permission action="all"
subject="/roles/projector" inheritable="true"/>
<permission action="all"
subject="unauthenticated" inheritable="true" negative="true"/>-->
<!--
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/users/root">
<revision>
<property
namespace="http://jakarta.apache.org/slide/";
name="password">root</property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/users/john">
<revision>
<property
namespace="http://jakarta.apache.org/slide/";
name="password">john</property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/users/john2">
<revision>
<property
namespace="http://jakarta.apache.org/slide/";
name="password">john2</property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/users/guest">
<revision>
<property
namespace="http://jakarta.apache.org/slide/";
name="password">guest</property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode"
uri="/users/projector">
<revision>
<property
namespace="http://jakarta.apache.org/slide/";
name="password">projector</property>
</revision>
</objectnode>
-->
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/roles">
<!--
<permission action="all" subject="self"
inheritable="true"/>
<permission action="all"
subject="/roles/projector" inheritable="true"/>
<permission action="all"
subject="unauthenticated" inheritable="true" negative="true"/>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/roles/root">
<revision>
<property
name="group-member-set"><![CDATA[<D:href
xmlns:D='DAV:'>/users/root</D:href>]]></property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/roles/user">
<revision>
<property
name="group-member-set"><![CDATA[<D:href
xmlns:D='DAV:'>/users/john</D:href><D:href
xmlns:D='DAV:'>/users/john2</D:href><D:href
xmlns:D='DAV:'>/users/root</D:href><D:href
xmlns:D='DAV:'>/users/projector</D:href>]]></property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/roles/guest">
<revision>
<property
name="group-member-set"><![CDATA[<D:href
xmlns:D='DAV:'>/users/guest</D:href>]]></property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode"
uri="/roles/projector">
<revision>
<property
name="group-member-set"><![CDATA[<D:href
xmlns:D='DAV:'>/users/root</D:href><D:href
xmlns:D='DAV:'>/users/projector</D:href>]]></property>
</revision>
</objectnode>
-->
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions">
<objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/read">
<revision>
<property
name="privilege-member-set"><![CDATA[<D:href
xmlns:D='DAV:'>/actions/read-acl</D:href> <D:href
xmlns:D='DAV:'>/actions/read-current-user-privilege-set</D:href>]]></property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode"
uri="/actions/read-acl">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode"
uri="/actions/read-current-user-privilege-set">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/write">
<revision>
<property
name="privilege-member-set"><![CDATA[<D:href
xmlns:D='DAV:'>/actions/write-acl</D:href> <D:href
xmlns:D='DAV:'>/actions/write-properties</D:href> <D:href
xmlns:D='DAV:'>/actions/write-content</D:href>]]></property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode"
uri="/actions/write-acl">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode"
uri="/actions/write-properties">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode"
uri="/actions/write-content">
<revision>
<property
name="privilege-member-set"><![CDATA[<D:href
xmlns:D='DAV:'>/actions/bind</D:href> <D:href
xmlns:D='DAV:'>/actions/unbind</D:href>]]></property>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/bind">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/unbind">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/unlock">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/files">
<permission action="all" subject="all"
inheritable="true"/>
<permission action="all"
subject="unauthenticated" inheritable="true"/>
<permission action="/actions/read"
subject="/roles/desenvolvedores_intranet" inheritable="true"/>
<permission action="/actions/write"
subject="/roles/desenvolvedores_intranet" inheritable="true"/>
<permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/projector">
<permission action="all"
subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write"
subject="/roles/projector" inheritable="true"/>
<permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
<objectnode
classname="org.apache.slide.structure.SubjectNode"
uri="/projector/work">
</objectnode>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/history">
<permission action="all"
subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write"
subject="/roles/user" inheritable="true"/>
<permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/workspace">
<permission action="all"
subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write"
subject="/roles/user" inheritable="true"/>
<permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
</objectnode>
<objectnode
classname="org.apache.slide.structure.SubjectNode"
uri="/workingresource">
<permission action="all"
subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write"
subject="/roles/user" inheritable="true"/>
<permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
</objectnode>
</objectnode>
</data>
</namespace>
<parameter name="historypath">/history</parameter>
<parameter name="workspacepath">/workspace</parameter>
<parameter name="workingresourcepath">/workingresource</parameter>
<parameter name="auto-version">checkout-checkin</parameter>
<parameter name="auto-version-control">true</parameter>
<parameter name="versioncontrol-exclude"/>
<parameter name="checkout-fork">forbidden</parameter>
<parameter name="checkin-fork">forbidden</parameter>
<events>
<event
classname="org.apache.slide.webdav.event.WebdavEvent" enable="true"/>
<event classname="org.apache.slide.event.ContentEvent"
enable="true"/>
<event classname="org.apache.slide.event.ContentEvent"
method="retrieve" enable="false"/>
<event
classname="org.apache.slide.event.EventCollection" enable="true"/>
<event
classname="org.apache.slide.event.TransactionEvent" enable="true"/>
<event classname="org.apache.slide.event.MacroEvent"
enable="true"/>
<listener
classname="org.apache.slide.event.VetoableEventCollector"/>
<listener
classname="org.apache.slide.event.TransientEventCollector"/>
<listener
classname="org.apache.slide.webdav.event.NotificationTrigger">
<configuration>
<notification include-events="false"/>
<persist-subscriptions
filename="subscriptions.xml"/>
</configuration>
</listener>
<listener
classname="org.apache.slide.extractor.PropertyExtractorTrigger"/>
<listener
classname="org.apache.slide.search.IndexTrigger">
<configuration>
<indexer
classname="org.apache.slide.search.LoggingIndexer"
synchronous="false" uri="/files/articles"/>
</configuration>
</listener>
<!--
used for cluster
<listener
classname="org.jboss.portal.cms.ha.InvalidationListener"/>
-->
<listener
classname="org.apache.slide.macro.MacroPropertyUpdater">
<configuration>
<update-displayname>true</update-displayname>
<update-owner-on-move>false</update-owner-on-move>
<update-owner-on-copy>true</update-owner-on-copy>
</configuration>
</listener>
</events>
</slide>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
