28 Apr
1999
28 Apr
'99
4:48 a.m.
I have a folder that has restricted access. In a parent folder I have a DTML method that accesses a property of the folder. A browser that has not been autheticated for viewing the folder can still view use the aquired method in the folder, ie they type http://server.com/RestrictedFolder/parentMethod and it works!!! This seems counter intuitive to me. Either you have access to a folder or you do not. Why is this the case and should it be? In any case how do I make sure users can not do the above unless authenticated?