[sakai-kernel] Heads up: /_user and /_group are now forbidden

Steve Swinsburg steve.swinsburg at gmail.com
Fri Jul 9 05:47:51 PDT 2010 

I'll flag now that this is going to become an issue. Ideally, groups and users could be namespaced *without* being prefixed (ie the g-* debate). I can see an immediate problem if entities can collide and cause denials to other valid inputs.

Is there no other way to make them unique but keep them separate from polluting each other's space?

cheers,
Steve


On 09/07/2010, at 10:42 PM, Ian Boston wrote:

> 
> On 9 Jul 2010, at 12:52, Steve Swinsburg wrote:
> 
>>> 
>>> To access a users subtree do one of 
>>> /~userid
>>> /user/userid
>>> 
>>> To access a group subtree do one of
>>> /~groupid
>>> /group/groupid
>> 
>> Does this mean that userid's and groupid's will eventually collide? So if someone creates a group 'steve' then I can't create a user account 'steve'? In the above mapping the /group/x /user/x mappings look good but the ~/x might cause problems?
> 
> Group and User are both Authorizables.
> Authorizable ID's are unique
> 
> so yes.
> 
> We have put in a block to only allow groups to be created with 'g-*' but thats not liked.
> 
> The reason behind this is that we (Jackrabbit) builds on javax.security.Principal as part of the JSR-* specs so IDs are global.
> 
> Rightly or wrongly... not much that we can do about this other than argue with the standard.
> 
> Ian
> 
>> 
>> 
>> cheers,
>> Steve
>> 
>> 
>> -- 
>> You received this message because you are subscribed to the Google Groups "Sakai Kernel" group.
>> To post to this group, send email to sakai-kernel at googlegroups.com.
>> To unsubscribe from this group, send email to sakai-kernel+unsubscribe at googlegroups.com.
>> For more options, visit this group at http://groups.google.com/group/sakai-kernel?hl=en.
>> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups "Sakai Kernel" group.
> To post to this group, send email to sakai-kernel at googlegroups.com.
> To unsubscribe from this group, send email to sakai-kernel+unsubscribe at googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/sakai-kernel?hl=en.
>

More information about the sakai-ui-dev mailing list