Hi,
I would like to remove the default read permission of the everyone
principle from the root node
(curl -F:applyTo=everyone
http://admin:admin@localhost:8080/sling/.deleteAce.html) to only set it
on sub nodes when needed and to avoid that every new sub node is
readable by everyone by default.
If I remove that permission and navigate to http://localhost:8080/sling/
the Selector Form Handler
creates infinite redirects to
http://localhost:8080/system/sling/selector/login?j_reason=User+name+and+password+do+not+match&resource=%2F
leading to a 310 too_many_redirects error.
I guess this happens because this selector expects
/system/sling/selector/login to require authentication.
But as seen in the authenticator web console page
(http://localhost:8080/system/console/slingauth) the same
selector sets authentication required to "no" for the
/system/sling/selector/login path.
Is it possible to get that to work?
Best,
Sandro
