[opencms-dev] User Access Control Management

[Fabian Huschka]

Hello everybody,

I thought I had understood the ACL management. However today I ran into
a totally non plausible behaviour - may be someone can help me out:

1.) Created a group testusers with the parent group guest assigned
2.) Added a webuser testuser being part of the group testusers
3.) Added a folder protected with read/view rights for the group
testusers only
4.) Added a login script and attached it to the login-form parameter

Everything is working fine until I log in. As soon as I log in the user
testuser can no longer access images and resources alike which have
read/view rights for the guest group attached. I have to add read/view
rights for the testuser group to the resources in questions. Is this the
expected behaviour (works as designed)?

I noticed another strange (and annoying) effect. It seems to be
impossible to protect a folder with a special group while having a guest
readable resource within this folder. The guest readable resource cannot
be accessed without a user login belonging to the group specified on the
folder. Again, is this the expected behaviour?

I will be glad for any hints and answers,

\Fabian