security question

Hi all,

I enabled security with LDAP in TWS which works fine. Now I want to give access rights to make the server secure.
By default all users have any access right.
I understand that this is due to an entry in domain.xml.
However I cannot remove that entry since nobody can give access rights anymore then.

Removing the “all” rigth via an ACL call for a particular user on /taminowebdavserver has no effect at all.

So I decided to remove the “all” right on

and give “all” right to

However since I have auto-versioning enabled the user is unable to write something into resources as long he doesn’t have write rights on

Is it possible to somehow protect

from unauthorized access?

Another question I have is:
Is it possible to delete old versions of a resource?
I believe the WebDAV specification doesn’t allow that. But is it somehow possible?


answering myself:
This could be solved via httpd.conf (hope this works)



I have activated security using the latest 4.1.4 software.
As Guido points out “Removing the “all” rigth via an ACL call for a particular user on /taminowebdavserver has no effect at all”.
It seems that there are currently just two security states for some resource:
1. Grant all rights to all users
2. Deny all rights to all users

Could you point out, please, when we may expect more fine grained access rights.

Roland Betz