W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2007

Re: PROPFIND Depth:1 and ACLs

From: Werner Donné <werner.donne@re.be>
Date: Tue, 15 May 2007 09:17:12 +0200
Message-ID: <46495E78.8050709@re.be>
To: Julian Reschke <julian.reschke@gmx.de>
Cc: w3c-dist-auth@w3.org

>> Note that having to use PROPFIND to retrieve the contents of a
>> collection has a serious impact on performance when ACLs are supported.
> 
> Could you a be a bit more specific? Would a PROPFIND where just the 
> member names are being returned sufficient?

Indeed, because as soon as one property is also returned an ACL check is
required for each member, which is expensive if the collection has a lot
of members, say a few thousand.

I agree it should be allowed to hide collection members if this fits
some security policy better. If I would speak as a user, however, I
probably would hide a document in a collection that is not readable. It
feels closer to real life.

> 
> Best regards, Julian
> 
> (adding to new issues to 
> <http://greenbytes.de/tech/webdav/draft-reschke-webdav-rfc2518bis-latest.html>) 

Best regards,

Werner.
-- 
Werner Donné  --  Re
Engelbeekstraat 8
B-3300 Tienen
tel: (+32) 486 425803	e-mail: werner.donne@re.be
Received on Tuesday, 15 May 2007 07:16:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:15 GMT