W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2001

RE: ACL-draft for WebDAV

From: Clemm, Geoff <gclemm@rational.com>
Date: Wed, 26 Sep 2001 07:23:42 -0400
Message-ID: <3906C56A7BD1F54593344C05BD1374B1045036A0@SUS-MA1IT01>
To: WebDAV <w3c-dist-auth@w3c.org>
A "depth" ACE is represented as an inherited ACE in each of the resources
it affects.  So if there is an ACE on /dav/tom that is inherited by its
it will appear as an inherited ACE on /dav/tom/mike, /dav/tom/johnson, and 

There is no interoperable way in the current ACL spec to *specify* that an
should be inherited, because techniques for ACE inheritance varies so
There only is an interoperable way to discover inherited ACE's.

As for DAV:acl-semantics, that is just a way for a client (or for that
a user) to understand how ACE's are combined or restricted for a given
They are just a set of token's with predefined meanings that are returned by
a server.  You use PROPFIND on the DAV:acl-semantics property to get the
for a particular resource.


-----Original Message-----
From: Medha Atré [mailto:medha_atre@persistent.co.in]
Sent: Wednesday, September 26, 2001 4:40 AM
To: WebDAV
Subject: ACL-draft for WebDAV

I am going through the ACL draft for building a compliance test harness for
a WebDAV
server. I have some doubts in the same. The draft doesn't mention anything
about the
DEPTH of the ACEs granted to a principal on a particular
	User John has been granted DAV:write ACE to a collection /dav/tom/.
If /dav/tom/ is
containing 3 children namely /dav/tom/mike/, /dav/tom/johnson/ and
then what will the access right of John on these three children ? Does
privilege on
particular collection mean same privilege on all of its children to DEPTH
the user should be granted ACEs separately on each and every child of the

I did not understand the significance of ACL SEMANTICS. What is meant by
DAV:first-match, DAV:all-grant-before-any-deny etc. There isn't any example
of XML
request and response given for the same.

Medha Atré
Associate Member of Tech. Staff
Persistent Systems Pvt. Ltd.
Pune, India
Ph : +91-20-5678900 (Ext. 295)
Received on Wednesday, 26 September 2001 07:34:51 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:01:23 UTC