W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2004

behavior of dav:inherited-acl-set

From: Ravi Murthy <ravi.murthy@oracle.com>
Date: Wed, 8 Sep 2004 12:46:15 -0700
Message-ID: <009901c495dc$80ed0fe0$bcaa2382@us.oracle.com>
To: <w3c-dist-auth@w3.org>
Does the <dav:inherited-acl-set> property apply recursively ? i.e. if a resource R1 specifies R2 as part of its <dav:inherited-acl-set>, then in addition to the ACL on R2 (as specified by DAV:acl property), does the <dav:inherited-acl-set> property of R2 *also* apply in determining the privilege on R1 ? The RFC is not very clear on this point.

-- Excerpt from RFC 3744
5.7 DAV:inherited-acl-set
This protected property contains a set of URLs that identify other resources that also control the access to this resource. To have a privilege on a resource, not only must the ACL on that resource (specified in the DAV:acl property of that resource) grant the privilege, but so must the ACL of each resource identified in the DAV:inherited-acl-set property of that resource. Effectively, the privileges granted by the current ACL are ANDed with the privileges granted by each inherited ACL. 

-- End Excerpt

Thanks.

- Ravi
Received on Wednesday, 8 September 2004 19:46:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:06 GMT