Damjan S. Vujnovic wrote:
[EMAIL PROTECTED] wrote:
Thanks for the answer,
I forgot to say that I use Lenya 1.2.4.
The problem is that I have a subtree-policy.acml is my live directory
like this
so everyone can access the root of the site:
<ac:policy xmlns:ac="http://apache.org/cocoon/lenya/ac/1.0"; ssl="false">
<ac:world>
<ac:role id="visit"/>
</ac:world>
</ac:policy>
If I apply what you said, I will have the
the_group_you_want_to_have_access_to_this_part which will be able to
visit it
and the "world" because of subtree inheritence (there is an addition
of rights
and not an overriding). In other words, everyone will access it :(.
Any other idea ?
Then simply removed the subtree-policy.acml from the live directory...
Now I see that my answers were a little bit confusing...
So here's what you have to do (this is one possible approach, but you
can "refactor" it to fit your needs). Create 2 directories in your live
directory called (for example) protected and unprotected, MOVE the
original subtree-policy.acml from the live directory into the
live/unprotected directory (so that live directory contains no policy
files) and put the following subtree-policy.acml in the live/protected
directory:
<ac:policy xmlns:ac="http://apache.org/cocoon/lenya/ac/1.0"; ssl="false">
<ac:group id="group_with_members_that_can_access_protected_area">
<ac:role id="visit"/>
</ac:world>
</ac:policy>
Hope that this was a better explanation,
Damjan S. Vujnovic
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
