jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From anjan <poliset...@gmail.com>
Subject Re: Group membership is not honoured?
Date Fri, 13 Dec 2013 05:40:43 GMT
Hi Toby, based on your suggestion, I re-ordered the aces.  Here is the new

    "everyone": {
        "principal": "everyone",
        "denied": [
        "order": 0
    "Managers": {
        "principal": "Managers",
        "granted": [
        "denied": [
        "order": 1

And you are correct.  Now "test" user can see the "child" folder.  I guess
where I got stumped was that when "Managers" is the first ace and if I am
allowing "jcr:read" for that group, I expected it to work for all the users
of this group.  But I didn't realize that "everyone" is also checked.  My

Thanks a lot for your help.  Really appreciate it.

View this message in context: http://jackrabbit.510166.n4.nabble.com/Group-membership-is-not-honoured-tp4660059p4660068.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.

View raw message