Re: [Exist-development] And yet another security/Ant issue...IT's A BUG IN SECURITY!

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

> So there is a bug in the security implementation, probably do to with how user credentials are
> cached, since a restart seems to fix the issue.

The bug is easy to reproduce and you don't need Ant for it:

1) Launch a clean db
2) Use the Java admin client to create a user "administrator" and
assign it to the dba group
3) Log into the client as "administrator" and try to trigger a
shutdown -> permission denied!
4) Stop and restart the db
5) Repeat step 3) -> you are now allowed to shutdown

Wolfgang

Re: [Exist-development] And yet another security/Ant issue...IT's A BUG IN SECURITY!

eXist-db is a feature rich Open Source native XML database

Re: [Exist-development] And yet another security/Ant issue...IT's A BUG IN SECURITY!