Example - Custom Security

A repository might use a security model that resembles NT security. For example, the ACL might specify a list of groups that automatically grant access to the document if the user is a member. This would require a different ACL, and an additional check to be performed.

The following example shows how to modify the value of the SecurityACLFormat parameter. When compared to the standard NT ACL described in Example - NT Security, you can see that the underlined section has been added:

SecurityACLFormat=<E=B!>:U:<U=SLE+=>:G:<G=SLE+>:OG:<OG=SLE+>:NU:<NU=SLE->:NG:<NG=SLE->

If the ACL is modified for custom security, and has an additional ACL field with positive groups that have priority over the negative terms, the SecurityACLCheck could be modified as follows:

SecurityACLCheck=OG=[DG]?P:-,NU=[DU]?F:-,NG=[DG]?F:-,E=1?P:-,U=[DU]?P:-,G=[DG]?P:F

The new value in the SecurityACLCheck parameter is explained in the following table:

OG=[DG]?P:- Compare ACL field OG to each of the users group memberships. If the user is a member of one of the groups, allow access, otherwise continue. The remaining checks are the same as for the NT security type described in Example - NT Security.

_HP_HTML5_bannerTitle.htm