Hi Marian. > In my alterAcl() method, I retrieve the current ACL by first calling > AccessControlManager#getPolicies [1] to determine the resource's current > ACL, and then, if it has none, AccessControlManager#getApplicablePolicies() > [2] to find an empty ACL I can work with. The problems appear if the > resource's ACL contains an entry for a principal which has since be deleted > (we're using an LDAP server to manage our principals, so we have no control > over who will when delete users), since in this case both methods will throw > a NoSuchPrincipalException. The problem seems to be related to http://www.nabble.com/Re:-Problem-with-jackrabbit-user-deletion-p23235921.html
and is, afaik solved in Jackrabbit 1.6.0. Have a look at http://svn.apache.org/viewvc/jackrabbit/tags/1.6.0/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java?revision=802049 The NoSuchPrincipalException is catched and the principal is created on the fly to be able to edit the ACL. Regards, Lars
