Return-Path: Delivered-To: apmail-jackrabbit-users-archive@minotaur.apache.org Received: (qmail 74133 invoked from network); 12 Aug 2009 17:00:06 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 12 Aug 2009 17:00:06 -0000 Received: (qmail 80100 invoked by uid 500); 12 Aug 2009 17:00:12 -0000 Delivered-To: apmail-jackrabbit-users-archive@jackrabbit.apache.org Received: (qmail 80075 invoked by uid 500); 12 Aug 2009 17:00:12 -0000 Mailing-List: contact users-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@jackrabbit.apache.org Delivered-To: mailing list users@jackrabbit.apache.org Received: (qmail 80063 invoked by uid 99); 12 Aug 2009 17:00:06 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Aug 2009 17:00:06 +0000 X-ASF-Spam-Status: No, hits=-2.8 required=10.0 tests=RCVD_IN_DNSWL_MED,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [129.217.128.51] (HELO unimail.uni-dortmund.de) (129.217.128.51) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Aug 2009 16:59:56 +0000 Received: from [10.1.192.71] (dslb-188-101-068-109.pools.arcor-ip.net [188.101.68.109]) (authenticated bits=0) by unimail.uni-dortmund.de (8.14.3/8.14.3) with ESMTP id n7CGxPlJ016058 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 12 Aug 2009 18:59:30 +0200 (CEST) Message-ID: <4A82F50A.4010604@tu-dortmund.de> Date: Wed, 12 Aug 2009 18:59:54 +0200 From: Lars Michele User-Agent: Thunderbird 2.0.0.22 (X11/20090605) MIME-Version: 1.0 To: users@jackrabbit.apache.org Subject: Re: WebDAV ACLs referring to deleted principals References: <24934748.post@talk.nabble.com> In-Reply-To: <24934748.post@talk.nabble.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Hi Marian. > In my alterAcl() method, I retrieve the current ACL by first calling > AccessControlManager#getPolicies [1] to determine the resource's current > ACL, and then, if it has none, AccessControlManager#getApplicablePolicies() > [2] to find an empty ACL I can work with. The problems appear if the > resource's ACL contains an entry for a principal which has since be deleted > (we're using an LDAP server to manage our principals, so we have no control > over who will when delete users), since in this case both methods will throw > a NoSuchPrincipalException. The problem seems to be related to http://www.nabble.com/Re:-Problem-with-jackrabbit-user-deletion-p23235921.html and is, afaik solved in Jackrabbit 1.6.0. Have a look at http://svn.apache.org/viewvc/jackrabbit/tags/1.6.0/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java?revision=802049 The NoSuchPrincipalException is catched and the principal is created on the fly to be able to edit the ACL. Regards, Lars