RFC 3744: Web Distributed Authoring and Versioning ...
RFC-Ref

principal



... access control is that who you are determines what operations you can perform on a resource. The "who you are" is defined by a "principal" identifier; users, client software, servers, and groups ...
... identifier; users, client software, servers, and groups of the previous have principal identifiers. The "operations you can perform" are determined by a ...
... ACEs), where each ACE specifies a principal and a set of privileges that are either granted or denied to that principal ...
... principal and a set of privileges that are either granted or denied to that principal. When a principal submits an operation (such as an HTTP ...
... privileges that are either granted or denied to that principal. When a principal submits an operation (such as an HTTP or WebDAV ...
... server evaluates the ACEs in the ACL to determine if the principal has permission for that operation. ...
... Since every ACE contains the identifier of a principal, client software operated by a human must provide a mechanism for selecting this principal ...
... principal, client software operated by a human must provide a mechanism for selecting this principal. This specification uses http(s) scheme URLs to identify principals ...
... principal. This specification uses http(s) scheme URLs to identify principals, which are represented as WebDAV-capable resources. There is no guarantee that the URLs ...
... resources. There is no guarantee that the URLs identifying principals will be meaningful to a human. For example, http://www.example.com/u/256432 and http://www.example.com/people/Greg.Stein are both valid ...
... valid URLs that could be used to identify the same principal. To remedy this, every principal resource has the DAV ...
... could be used to identify the same principal. To remedy this, every principal resource has the DAV:displayname property containing a human-readable ...
... DAV:displayname property containing a human-readable name for the principal. Since a principal ...
... principal. Since a principal can be identified by multiple URLs, it raises the problem of determining exactly which principal ...
... principal can be identified by multiple URLs, it raises the problem of determining exactly which principal is being referenced in a given ACE. It is impossible for a client ...
... granting the read privilege to http://www.example.com/people/Greg.Stein also affects the principal at http://www.example.com/u/256432. That is, a client has no mechanism for determining that two ...
... URLs identify the same principal resource. As a result, this specification requires clients to use just one of the many possible ...
... clients to use just one of the many possible URLs for a principal when creating ACEs. A client can discover which ...
... URL to use by retrieving the DAV:principal-URL property (Section 4.2) from a principal ...
... principal-URL property (Section 4.2) from a principal resource. No matter which of the principal's URLs ...
... URL property (Section 4.2) from a principal resource. No matter which of the principal's URLs is used with PROPFIND ...
... URL. With a system having hundreds to thousands of principals, the problem arises of how to allow a human operator of client software to select ...
... arises of how to allow a human operator of client software to select just one of these principals. One approach is to use broad collection hierarchies to spread the principals over a large number ...
... just one of these principals. One approach is to use broad collection hierarchies to spread the principals over a large number of collections, yielding few principals per collection. An example ...
... collection hierarchies to spread the principals over a large number of collections, yielding few principals per collection. An example of this is a two level hierarchy with the first level containing 36 collections (a-z, 0-9), and the second level being another 36, ...
... of this is a two level hierarchy with the first level containing 36 collections (a-z, 0-9), and the second level being another 36, creating collections /a/a/, /a/b/, ..., /a/z/, such that a principal with last name "Stein" would appear at /s/t/Stein. In effect, this pre-computes a common query ...
... queries, and drilling down through the collection hierarchy adds unnecessary steps (navigate down/up) when the user already knows the principal's name. While organizing principal URLs ...
... the user already knows the principal's name. While organizing principal URLs into a hierarchy is a valid namespace ...
... namespace organization, users should not be forced to navigate this hierarchy to select a principal. This specification provides the capability to perform substring ...
... substring searches over a small set of properties on the resources representing principals. This permits searches based on last name, first name, user name, job title, etc. Two separate searches are supported, both ...
... via the REPORT method, one to search principal resources (DAV:principal ...
... principal resources (DAV:principal-property-search, Section 9.4), the other to determine which properties may be searched at all (DAV ...
... search, Section 9.4), the other to determine which properties may be searched at all (DAV:principal-search-property-set, Section 9.5). ...
... property-set, Section 9.5). Once a principal has been identified in an ACE, a server evaluating that ACE ...
... ACE, a server evaluating that ACE must know the identity of the principal making a protocol request, and must validate that that principal ...
... identity of the principal making a protocol request, and must validate that that principal is who they claim to be, a process known as authentication. This specification ...
... must be available to validate the identity of a principal. The following issues are out of scope for this document: ...
... role can be seen as a dynamically defined group of principals), o Specification of the ways an ACL ...
... o Creation and maintenance of resources representing people or computational agents (principals), and groups of these. ...
... concepts used throughout the specification, and is followed by a more in-depth discussion of principals (Section 2), and privileges (Section 3). Properties defined on principals ...
... principals (Section 2), and privileges (Section 3). Properties defined on principals are specified in Section 4, and access control properties for content resources are ...
... RFC2518]. In addition, the following terms are defined: principal A "principal ...
... principal A "principal" is a distinct human or computational actor that initiates access to network resources. In this protocol, a ...
... initiates access to network resources. In this protocol, a principal is an HTTP resource that represents such an actor. ...
... A "group" is a principal that represents a set of other principals. ...
... group" is a principal that represents a set of other principals. privilege ...
... ACE" either grants or denies a particular set of (non-abstract) privileges for a particular principal. inherited ACE ...


... Principals ...
... A principal is a network resource that represents a distinct human or computational actor that initiates access to network ...
... network resources. Users and groups are represented as principals in many implementations; other types of principals are also possible. A URI ...
... groups are represented as principals in many implementations; other types of principals are also possible. A URI of any scheme MAY be used to identify a principal ...
... principals are also possible. A URI of any scheme MAY be used to identify a principal resource. However, servers implementing this specification MUST expose principal ...
... of any scheme MAY be used to identify a principal resource. However, servers implementing this specification MUST expose principal resources at an http(s) URL, which is a privileged scheme that points ...
... URL, which is a privileged scheme that points to resources that have additional properties, as described in Section 4. So, a principal resource can have multiple URIs, one of which has to be an http(s) scheme URL ...
... PROPFIND and MAY support PROPPATCH to access and modify information about a principal, it is not required to do so. A principal ...
... principal, it is not required to do so. A principal resource may be a group, where a group is a principal ...
... principal resource may be a group, where a group is a principal that represents a set of other principals, called the members of the ...
... group is a principal that represents a set of other principals, called the members of the group. If a person or computational agent ...
... group. If a person or computational agent matches a principal resource that is a member of a group, they also match the group ...
... group. Membership in a group is recursive, so if a principal is a member of group GRPA ...
... GRPA is a member of group GRPB, then the principal is also a member of GRPB. ...


... privileges, or mapping to ones below) are required to perform the method. A principal with no privileges to a resource MUST be denied any HTTP ...
... privileges to a resource MUST be denied any HTTP access to that resource, unless the principal matches an ACE ...
... DAV:unauthenticated pseudo-principals (see Section 5.5.1). Servers MUST report a 403 "Forbidden" error if access is denied, except in the case where the privilege ...
... privileges, in which case they are termed "aggregate privileges". If a principal is granted or denied an aggregate privilege, it is semantically equivalent to ...
... privilege controls the use of the UNLOCK method by a principal other than the lock owner (the principal that created a ...
... method by a principal other than the lock owner (the principal that created a lock can always perform an UNLOCK). While the set of users who may ...
... authentication credentials. That is, even if a principal does not have DAV:unlock privilege, they can still remove ...
... privilege, they can still remove locks they own. Principals other than the lock owner can remove a lock only if they have DAV ...


... Principal Properties ...
... Principals are manifested to clients as a WebDAV resource, identified ...
... WebDAV resource, identified by a URL. A principal MUST have a non-empty DAV:displayname property (defined in Section 13.2 of [RFC2518 ...
... property (defined in Section 13.9 of [RFC2518]). Additionally, a principal MUST report the DAV:principal XML element ...
... principal MUST report the DAV:principal XML element in the value of the DAV ...
... element type declaration for DAV:principal is: <!ELEMENT ...
... <!ELEMENT principal EMPTY> This protocol defines the following additional properties for a ...
... This protocol defines the following additional properties for a principal. Since it can be expensive for a server to retrieve access control information, the name and value of these properties SHOULD NOT be returned by a PROPFIND ...
... network resources with additional descriptive information about the principal. This property identifies additional network resources (i.e., it contains one or more URIs ...
... URIs) that may be consulted by a client to gain additional knowledge concerning a principal. One expected use for this property is the storage of an LDAP [RFC2255 ...
... [RFC2251] to retrieve additional machine-readable directory information about the principal, and display that information in its user interface. Support for this property is REQUIRED, and the value ...
... user interface. Support for this property is REQUIRED, and the value is empty if no alternate URI exists for the principal. <!ELEMENT ...
... DAV:principal-URL ...
... A principal may have many URLs, but there must be one "principal URL ...
... A principal may have many URLs, but there must be one "principal URL" that clients ...
... URL" that clients can use to uniquely identify a principal. This protected property contains the URL ...
... protected property contains the URL that MUST be used to identify this principal in an ACL request. Support for this property is REQUIRED. ...
... <!ELEMENT principal-URL (href)> ...
... This property of a group principal identifies the principals that are direct members of this group ...
... This property of a group principal identifies the principals that are direct members of this group. Since a group ...
... DAV:group-member-set for a principal MUST be the DAV:principal-URL ...
... for a principal MUST be the DAV:principal-URL of that principal. ...
... DAV:principal-URL of that principal. <!ELEMENT ...
... This protected property identifies the groups in which the principal is directly a member. Note that a server may allow a group to be a ...
... groups would need to be queried in order to determine the groups in which the principal is indirectly a member. Support for this property is REQUIRED. ...


... This property identifies a particular principal as being the "owner" of the resource. Since the owner of a resource often has special access control ...
... property from a collection resource with URL http://www.example.com/papers/. The principal making the request is authenticated using Digest authentication ...
... This property identifies a particular principal as being the "group" of the resource. This property is commonly found on repositories ...
... user interface to make actions inaccessible (e.g., by graying out a menu item or button) for which the current principal does not have permission. This property is also useful for determining what operations the current principal can ...
... the current principal does not have permission. This property is also useful for determining what operations the current principal can perform, without having to actually execute an operation. ...
... URL http://www.example.com/papers/. The username of the principal making the request is "khare", and Digest authentication is used in the request. The principal with username ...
... of the principal making the request is "khare", and Digest authentication is used in the request. The principal with username "khare" has been granted the DAV ...
... privilege-set privileges (see Section 5.3.1), the principal with username "khare" can read the ACL ...
... abstract privileges. DAV:write is not listed since the principal with username "khare" is not listed in an ACE ...
... username "khare" is not listed in an ACE granting that principal write permission. >> Request << ...
... protected property that specifies the list of access control entries (ACEs), which define what principals are to get what privileges for this resource. ...
... element specifies the set of privileges to be either granted or denied to a single principal. If the DAV:acl property is empty, no principal ...
... principal. If the DAV:acl property is empty, no principal is granted any privilege. ...
... <!ELEMENT ace ((principal | invert), (grant|deny), protected?, inherited?)> ...
... ACE Principal ...
... The DAV:principal element identifies the principal to which this ACE ...
... DAV:principal element identifies the principal to which this ACE applies. ...
... <!ELEMENT principal (href | all | authenticated | unauthenticated | property | self)> ...
... DAV:href only if that user is authenticated as being (or being a member of) the principal identified by the URL contained by that DAV ...
... The current user matches a DAV:property principal in a DAV:acl property of a resource only if the value of the identified property ...
... URI value of DAV:href identifies a principal, and the current user is authenticated as being (or being a member of) that principal ...
... principal, and the current user is authenticated as being (or being a member of) that principal. For example, if the DAV:property element ...
... DAV:owner/>, the current user would match the DAV:property principal only if the current user is authenticated as matching the principal ...
... principal only if the current user is authenticated as matching the principal identified by the DAV:owner property of the resource. ...
... DAV:self in a DAV:acl property of the resource only if that resource is a principal and that principal matches the current user or, if the principal ...
... DAV:acl property of the resource only if that resource is a principal and that principal matches the current user or, if the principal is a group ...
... principal and that principal matches the current user or, if the principal is a group, a member of that group ...
... Some servers may support ACEs applying to those users NOT matching the current principal, e.g., all users not in a particular group. This can be done by wrapping the DAV ...
... group. This can be done by wrapping the DAV:principal element with DAV ...
... <!ELEMENT invert principal> ...
... element specifies the set of privileges to be either granted or denied to the specified principal. A DAV:grant or DAV ...
... ACE #2: All principals (DAV:all) are granted the DAV:read privilege ...
... <D:acl> <D:ace> <D:principal> <D:href>http://www.example.com/acl/groups ...
... >http://www.example.com/acl/groups/maintainers</D:href> </D:principal> <D:grant> <D:privilege ...
... </D:ace> <D:ace> <D:principal> <D:all/> </D:principal ...
... principal> <D:all/> </D:principal> <D:grant> <D:privilege ...
... ACEs <required-principal> Indicates which principals are required to be present ...
... <required-principal> Indicates which principals are required to be present ...
... ELEMENT acl-restrictions (grant-only?, no-invert?, deny-before-grant?, required-principal?)> ...
... Required Principals ...
... The required principal elements identify which principals must have ...
... The required principal elements identify which principals must have an ACE defined in the ACL ...
... <!ELEMENT required-principal (all? | authenticated? | unauthenticated? | self? | href* | ...
... ACE: <D:required-principal xmlns:D="DAV:"> ...
... DAV:"> <D:property><D:owner/></D:property> </D:required-principal> ...
... Digest authentication provides credentials for the principal operating the client. ...
... <D:acl-restrictions> <D:grant-only/> <D:required-principal> <D:all/> </D:required-principal ...
... principal> <D:all/> </D:required-principal> </D:acl-restrictions> </D:prop> ...
... DAV:principal-collection-set ...
... URLs that identify the root collections that contain the principals that are available on the server that implements this resource. A WebDAV ...
... agent could use the contents of DAV:principal-collection-set to retrieve the DAV:displayname property (specified in Section 13.2 of [RFC2518 ...
... DAV:displayname property (specified in Section 13.2 of [RFC2518]) of all principals on that server, thereby yielding human-readable names for each principal ...
... principals on that server, thereby yielding human-readable names for each principal that could be displayed in a user interface. ...
... <!ELEMENT principal-collection-set (href*)> Since different servers can control different parts of the URL ...
... host MAY have different DAV:principal-collection-set values. The collections specified in the DAV:principal ...
... principal-collection-set values. The collections specified in the DAV:principal-collection-set MAY be located on different hosts from the resource. The URLs ...
... from the resource. The URLs in DAV:principal-collection-set SHOULD be http or https scheme URLs. For security ...
... security and scalability reasons, a server MAY report only a subset of the entire set of known principal collections, and therefore clients should not assume they have ...
... clients should not assume they have retrieved an exhaustive listing. Additionally, a server MAY elect to report none of the principal collections it knows about, in which case the property value would be empty. ...
... The value of DAV:principal-collection-set gives the scope of the DAV:principal ...
... principal-collection-set gives the scope of the DAV:principal-property-search REPORT (defined in Section 9.4). Clients ...
... Clients use the DAV:principal-property-search REPORT to populate their user interface ...
... search REPORT to populate their user interface with a list of principals. Therefore, servers that limit a client's ability to obtain principal ...
... principals. Therefore, servers that limit a client's ability to obtain principal information will interfere with the client's ability to manipulate access control lists ...
... client's ability to manipulate access control lists, due to the difficulty of getting the URL of a principal for use in an ACE. ...
... Example: Retrieving DAV:principal-collection-set ...
... In this example, the client requests the value of the DAV:principal-collection-set property on the collection resource identified by URL ...
... Digest authentication provides credentials for the principal operating the client. ...
... DAV:"> <D:prop> <D:principal-collection-set/> </D:prop> </D:propfind> ...
... <D:propstat> <D:prop> <D:principal-collection-set> <D:href>http://www.example.com/acl/users/</D:href> <D:href>http://www.example.com/acl/groups ...
... <D:href>http://www.example.com/acl/groups/</D:href> </D:principal-collection-set> </D:prop> <D:status>HTTP/1.1 ...
... <D:acl> <D:ace> <D:principal> <D:href>http://www.example.com/users/esedlar</D:href> </D:principal ...
... principal> <D:href>http://www.example.com/users/esedlar</D:href> </D:principal> <D:grant> <D:privilege ...
... </D:ace> <D:ace> <D:principal> <D:href>http://www.example.com/groups/mrktng</D:href> ...
... <D:href>http://www.example.com/groups/mrktng</D:href> </D:principal> <D:deny> <D:privilege ...
... </D:ace> <D:ace> <D:principal> <D:property><D:owner/></D:property> </D:principal ...
... principal> <D:property><D:owner/></D:property> </D:principal> <D:grant> <D:privilege ...
... </D:ace> <D:ace> <D:principal><D:all/></D:principal> <D:grant> ...
... <D:ace> <D:principal><D:all/></D:principal> <D:grant> <D:privilege ...
... XML element containing the URL of the principal that owns this resource. The value of the DAV ...
... ACE #1: The principal identified by the URL http://www.example.com/users/esedlar is granted the DAV ...
... ACE #2: The principals identified by the URL http://www.example.com/groups ...
... DAV:read privilege. In this example, the principal URL identifies a group. ...
... ACE #3: In this ACE, the principal is a property principal, specifically the DAV ...
... ACE #3: In this ACE, the principal is a property principal, specifically the DAV:owner property. When evaluating this ACE ...
... DAV:href element is read, and identifies a principal. In this ACE, the owner is granted DAV ...
... ACE #4: This ACE grants the DAV:all principal (all users) the DAV:read privilege ...


... <D:acl> <D:ace> <D:principal> <D:property><D:owner/></D:property> </D:principal ...
... principal> <D:property><D:owner/></D:property> </D:principal> <D:grant> <D:privilege ...
... </D:ace> <D:ace> <D:principal> <D:property><D:owner/></D:property> </D:principal ...
... principal> <D:property><D:owner/></D:property> </D:principal> <D:deny> <D:privilege ...
... </D:ace> <D:ace> <D:principal> <D:property><D:group/></D:property> ...
... <D:property><D:group/></D:property> </D:principal> <D:grant> <D:privilege ...
... <D:ace> <D:principal> <D:property><D:group/></D:property> ...
... <D:property><D:group/></D:property> </D:principal> <D:deny> <D:privilege ...
... </D:ace> <D:ace> <D:principal><D:all></D:principal> <D:grant> ...
... <D:ace> <D:principal><D:all></D:principal> <D:grant> <D:privilege ...
... <D:no-invert/> <D:required-principal> <D:all/> <D:property><D:owner/></D:property> ...
... group/><D:group/> </D:required-principal> Note that the client ...
... client can still get errors from a UNIX server in spite of obeying the <acl-restrictions>, including <D:allowed-principal> (adding an ACE specifying a principal ...
... principal> (adding an ACE specifying a principal other than the ones in the ACL above) or <D:ace-conflict> (by trying to reorder the ACEs ...


... ACE granting DAV:write to a given principal, then it would not be consistent if the ACL request submitted an ACE ...
... request submitted an ACE denying DAV:write to the same principal. (DAV ...
... ACE from its parent collection granting DAV:write to a given principal, then it would not be consistent if the ACL request submitted an ACE ...
... ACE denying DAV:write to the same principal. Note that reporting of this error will be implementation-dependent. Implementations MUST either report this error or allow the ACE ...
... ACE has any impact on the privileges available to a specific principal. (DAV ...
... ACE granting privileges to a single principal, and one ACE granting privileges to ...
... (DAV:missing-required-principal): The result of the ACL request MUST have at least one ACE ...
... ACL request MUST have at least one ACE for each principal identified in a DAV:required-principal ...
... principal identified in a DAV:required-principal XML element in the ACL semantics ...
... (DAV:recognized-principal): Every principal URL in the ACL ...
... (DAV:recognized-principal): Every principal URL in the ACL request ...
... URL in the ACL request MUST identify a principal resource. (DAV ...
... (DAV:allowed-principal): The principals specified in the ACEs ...
... (DAV:allowed-principal): The principals specified in the ACEs submitted in the ACL ...
... ACEs submitted in the ACL request MUST be allowed as principals for the resource. For example, a server where only authenticated principals ...
... principals for the resource. For example, a server where only authenticated principals can access resources would not allow the DAV:all or ...
... DAV:all or DAV:unauthenticated principals to be used in an ACE, since these would allow unauthenticated access to resources. ...
... information in the Authorization header, grants the principal identified by the URL http://www.example.com/users/esedlar (i.e., the ...
... DAV:"> <D:ace> <D:principal> <D:href>http://www.example.com/users/esedlar</D:href> </D:principal ...
... principal> <D:href>http://www.example.com/users/esedlar</D:href> </D:principal> <D:grant> <D:privilege ...
... <D:ace> <D:principal> <D:property><D:owner/></D:property> </D:principal ...
... principal> <D:property><D:owner/></D:property> </D:principal> <D:grant> <D:privilege ...
... </D:ace> <D:ace> <D:principal><D:all/></D:principal> <D:grant> ...
... <D:ace> <D:principal><D:all/></D:principal> <D:grant> <D:privilege ...
... Authorization header, attempts to deny the principal identified by the URL http://www.example.com/users/esedlar (i.e., the user "esedlar") write privileges ...
... DAV:write privileges. The principal identified by URL http://www.example.com/users/esedlar is the owner of the resource. The ACL ...
... DAV:"> <D:ace> <D:principal> <D:href>http://www.example.com/users/esedlar</D:href> ...
... <D:href>http://www.example.com/users/esedlar</D:href> </D:principal> <D:deny> <D:privilege ...
... Inherited ACE #1 grants the principal identified by URL http://www.example.com/users/ejw (i.e., the user "ejw") http:// ...
... Inherited ACE #2 grants principal DAV:all the DAV:read privilege ...
... The request attempts to set a (non-inherited) ACE, denying the principal identified by the URL http://www.example.com/users/ejw (i.e., the user "ejw") DAV ...
... ACE has any impact on the privileges available to a principal. >> Request << ...
... xmlns:F="http://www.example.com/privs/"> <D:ace> <D:principal> <D:href>http://www.example.com/users/ejw</D:href> </D:principal ...
... principal> <D:href>http://www.example.com/users/ejw</D:href> </D:principal> <D:grant><D:write/></D:grant> </D:ace> ...
... DAV:read privilege and deny the principal identified by URL http://www.example.com/users/ygoland-so (i.e., the user "ygoland-so") DAV ...
... DAV:read privilege. However, it is illegal to have multiple principal elements, as well as both a grant and deny element ...
... DAV:"> <D:ace> <D:principal> <D:href>http://www.example.com/users/friends</D:href> </D:principal ...
... principal> <D:href>http://www.example.com/users/friends</D:href> </D:principal> <D:grant><D:read/></D:grant> <D:principal ...
... principal> <D:grant><D:read/></D:grant> <D:principal> <D:href>http://www.example.com/users/ygoland-so</D:href> </D:principal ...
... principal> <D:href>http://www.example.com/users/ygoland-so</D:href> </D:principal> <D:deny><D:read/></D:deny> </D:ace> ...


... DAV:acl-principal-prop-set Report ...
... The DAV:acl-principal-prop-set report returns, for all principals in the DAV ...
... The DAV:acl-principal-prop-set report returns, for all principals in the DAV:acl property (of the Request-URI ...
... http(s) URLs or by a DAV:property principal, the value of the properties specified in the REPORT request body. In the case where a principal ...
... principal, the value of the properties specified in the REPORT request body. In the case where a principal URL appears multiple times, the DAV:acl-principal ...
... principal URL appears multiple times, the DAV:acl-principal-prop-set report MUST return the properties for that principal only once. ...
... DAV:acl-principal-prop-set report MUST return the properties for that principal only once. Support for this report is REQUIRED. ...
... One expected use of this report is to retrieve the human readable name (found in the DAV:displayname property) of each principal found in an ACL. This is useful for constructing user interfaces ...
... The request body MUST be a DAV:acl-principal-prop-set XML element. ...
... <!ELEMENT acl-principal-prop-set ANY> ANY value: a sequence of one or more elements, with at most one ...
... The response body for a successful DAV:acl-principal-prop-set REPORT request MUST contain a DAV:response element ...
... DAV:response element for each principal identified by an http(s) URL listed in a DAV:principal ...
... principal identified by an http(s) URL listed in a DAV:principal XML element of an ACE ...
... (DAV:number-of-matches-within-limits): The number of matching principals must fall within server-specific, predefined limits. For example, this condition might be triggered if a search ...
... Example: DAV:acl-principal-prop-set Report ...
... ACE #1: All principals (DAV:all) have DAV:read and DAV ...
... ACE #2: The principal identified by http://www.example.com/people/gstein (the user "gstein") is granted DAV:write, DAV ...
... The following example shows a DAV:acl-principal-prop-set report requesting the DAV:displayname property. It returns the value of ...
... xml version="1.0" encoding="utf-8" ?> <D:acl-principal-prop-set xmlns:D="DAV:"> ...
... <D:displayname/> </D:prop> </D:acl-principal-prop-set> >> Response << ...
... DAV:principal-match REPORT ...
... The DAV:principal-match REPORT is used to identify all members (at any depth) of the collection identified by the Request-URI that are ...
... any depth) of the collection identified by the Request-URI that are principals and that match the current user. In particular, if the collection contains principals, the report can be used to identify ...
... principals and that match the current user. In particular, if the collection contains principals, the report can be used to identify all members of the collection that match the current user. Alternatively, if the collection contains resources that have a ...
... all members of the collection that match the current user. Alternatively, if the collection contains resources that have a property that identifies a principal (e.g., DAV:owner), the report can be used to identify all members of the collection whose property ...
... DAV:owner), the report can be used to identify all members of the collection whose property identifies a principal that matches the current user. For example, this report can return all of the resources in a collection hierarchy that are owned by the current user. Support for this report is ...
... The request body MUST be a DAV:principal-match XML element. <!ELEMENT ...
... XML element. <!ELEMENT principal-match ((principal-property | self), prop?)> <!ELEMENT ...
... <!ELEMENT principal-match ((principal-property | self), prop?)> <!ELEMENT principal ...
... principal-property | self), prop?)> <!ELEMENT principal-property ANY> ANY value: an element ...
... an href element that contains the URI of a principal <!ELEMENT self EMPTY> ...
... The response body for a successful DAV:principal-match REPORT request MUST contain a DAV:response element ...
... collection that matches the current user. When the DAV:principal-property element is used, a match occurs if the current user is matched by the principal ...
... principal-property element is used, a match occurs if the current user is matched by the principal identified by the URI found in the DAV ...
... element of the property identified by the DAV:principal-property element. When the DAV:self element ...
... element is used in a DAV:principal-match report issued against a group, it matches the group ...
... group, it matches the group if a member identifies the same principal as the current user. ...
... Example: DAV:principal-match REPORT ...
... xml version="1.0" encoding="utf-8" ?> <D:principal-match xmlns:D="DAV:"> ...
... xmlns:D="DAV:"> <D:principal-property> <D:owner/> </D:principal ...
... principal-property> <D:owner/> </D:principal-property> </D:principal-match> ...
... </D:principal-property> </D:principal-match> >> Response << ...
... DAV:principal-property-search REPORT ...
... The DAV:principal-property-search REPORT performs a search for all ...
... search REPORT performs a search for all principals whose properties contain character data that matches the search criteria specified in the request. One expected use of this ...
... search criteria specified in the request. One expected use of this report is to discover the URL of a principal associated with a given person or group by searching for them by name. This is done by ...
... group by searching for them by name. This is done by searching over DAV:displayname, which is defined on all principals. The actual search ...
... management systems. In cases where the implementation of DAV:principal-property-search is not constrained by the semantics of ...
... searching on all properties. A search requesting properties that are not searchable for a particular principal will not match that principal. ...
... not searchable for a particular principal will not match that principal. Support for the DAV ...
... Support for the DAV:principal-property-search report is REQUIRED. ...
... Implementation Note: Some implementations of this protocol will use an LDAP repository for storage of principal metadata. The schema describing each attribute (akin to a WebDAV property) in an ...
... search behavior can be used when implementing the DAV:principal-property-search report. ...
... The request body MUST be a DAV:principal-property-search XML element containing a search ...
... XML element containing a search specification and an optional list of properties. For every principal that matches the search specification, the response will contain the value of the ...
... search specification, the response will contain the value of the requested properties on that principal. <!ELEMENT ...
... <!ELEMENT principal-property-search ((property-search ...
... search ((property-search+), prop?, apply-to-principal-collection-set?) > By default, the report searches all members (at any depth) of the ...
... Request-URI. If DAV:apply-to-principal-collection-set is specified in the request body, the request is applied instead to each collection identified by the DAV ...
... request is applied instead to each collection identified by the DAV:principal-collection-set property of the resource identified by the Request-URI. ...
... The response body for a successful DAV:principal-property-search REPORT request MUST contain a DAV ...
... DAV:response element for each principal whose property values satisfy the search specification given in DAV ...
... search specification given in DAV:principal-property-search. ...
... (DAV:number-of-matches-within-limits): The number of matching principals must fall within server-specific, predefined limits. For example, this condition might be triggered if a search ...
... Example: successful DAV:principal-property-search REPORT ...
... In this example, the client requests the principal URLs of all users whose DAV ...
... namespace "http://BigCorp.com/ns/" (that is, their professional title) contains "Sales". In addition, the client requests five properties to be returned with the matching principals: In the DAV ...
... office, salary The response shows that two principal resources meet the search specification, "John Doe" and "Zygdoebert Smith". The property ...
... "salary" in namespace "http://www.example.com/ns/" is not returned, since the principal making the request does not have sufficient access permissions to read this property. ...
... xml version="1.0" encoding="utf-8" ?> <D:principal-property-search xmlns:D="DAV ...
... <B:salary/> </D:prop> </D:principal-property-search> ...
... DAV:principal-search-property-set REPORT ...
... The DAV:principal-search-property-set REPORT identifies those properties that may be searched using the DAV ...
... search-property-set REPORT identifies those properties that may be searched using the DAV:principal-property-search REPORT (defined in Section 9.4). ...
... Servers MUST support the DAV:principal-search-property-set REPORT on all collections identified in the value of a DAV ...
... search-property-set REPORT on all collections identified in the value of a DAV:principal-collection-set property. ...
... agent could use the results of the DAV:principal-search-property-set REPORT to present a query interface ...
... query interface to the user for retrieving principals. Support for this report is REQUIRED. ...
... The request body MUST be an empty DAV:principal-search-property-set XML element ...
... The response body MUST be a DAV:principal-search-property-set XML element, containing a DAV ...
... search-property-set XML element, containing a DAV:principal-search-property XML element ...
... XML element for each property that may be searched with the DAV:principal-property-search REPORT. A server MAY limit its response to just a ...
... <!ELEMENT principal-search-property-set (principal ...
... principal-search-property-set (principal-search-property*) > ...
... Each DAV:principal-search-property XML element contains exactly ...
... <!ELEMENT principal-search-property (prop, description) > ...
... The DAV:prop element contains one principal property on which the server is able to perform a DAV:principal ...
... principal property on which the server is able to perform a DAV:principal-property-search REPORT. ...
... Example: DAV:principal-search-property-set REPORT ...
... In this example, the client determines the set of searchable principal properties by requesting the DAV:principal-search ...
... principal properties by requesting the DAV:principal-search-property-set REPORT on the root ...
... search-property-set REPORT on the root of the server's principal URL collection set, identified by http://www.example.com/users/. ...
... xml version="1.0" encoding="utf-8" ?> <D:principal-search-property-set xmlns:D="DAV ...
... xml version="1.0" encoding="utf-8" ?> <D:principal-search-property-set xmlns:D="DAV ...
... xmlns:D="DAV:"> <D:principal-search-property> <D:prop> ...
... <D:description xml:lang="en">Full name</D:description> </D:principal-search-property> <D:principal ...
... principal-search-property> <D:principal-search-property> <D:prop xmlns ...
... <D:description xml:lang="en">Job title</D:description> </D:principal-search-property> </D:principal ...
... principal-search-property> </D:principal-search-property-set> ...


... To reduce this risk, read-acl privileges should not be granted to unauthenticated principals, and restrictions on read-acl and read-current-user-privilege-set privileges ...
... privilege-set privileges for authenticated principals should be carefully analyzed when deploying this protocol. Access to the current-user-privilege ...
... create a new resource, then retrieve the value of the DAV:acl property. This assumes the principal creating the resource also has been granted the DAV:read-acl privilege ...
... privilege. As a result, it is possible that a principal could create a resource, and then discover that its ACL ...
... privileges that are undesirable. Furthermore, this protocol makes it possible (though unlikely) that the creating principal could be unable to modify the ACL, or even delete ...
... ACL can be set. Several factors mitigate this risk. Human principals are often aware of the default access permissions in their editing environments and take this into account when writing information. Furthermore, ...


... Remy Maucherat, Larry Masinter, Joe Orton, Peter Raymond, and Keith Wannamaker. We thank Keith Wannamaker for the initial text of the principal property search sections. Prior work on WebDAV access control ...


... ELEMENT all EMPTY> <!-- Principal Properties (Section 4) --> <!ELEMENT ...
... <!ELEMENT principal EMPTY> <!ELEMENT ...
... URI-set (href*)> <!ELEMENT principal-URL (href)> <!ELEMENT ...
... ELEMENT acl (ace)* > <!ELEMENT ace ((principal | invert), (grant|deny), protected?, inherited?)> ...
... <!ELEMENT principal (href) | all | authenticated | unauthenticated ...
... <!ELEMENT invert principal> <!ELEMENT ...
... <!ELEMENT acl-restrictions (grant-only?, no-invert?, deny-before-grant?, required-principal?)> <!ELEMENT ...
... <!ELEMENT required-principal (all? | authenticated? | unauthenticated? | self? | href* ...
... <!-- DAV:principal-collection-set Property (Section 5.8) --> <!ELEMENT ...
... <!ELEMENT principal-collection-set (href*)> <!-- Access Control ...
... privilege EMPTY> <!ELEMENT missing-required-principal EMPTY> <!ELEMENT recognized-principal ...
... principal EMPTY> <!ELEMENT recognized-principal EMPTY> <!ELEMENT allowed-principal ...
... principal EMPTY> <!ELEMENT allowed-principal EMPTY> <!-- REPORTs (Section 9) --> ...
... <!ELEMENT acl-principal-prop-set ANY> ANY value: a sequence of one or more elements, with at most one ...
... <!ELEMENT principal-match ((principal-property | self), prop?)> <!ELEMENT ...
... <!ELEMENT principal-match ((principal-property | self), prop?)> <!ELEMENT principal ...
... principal-property | self), prop?)> <!ELEMENT principal-property ANY> ANY value: an element whose value identifies a property. The ...
... an href element that contains the URI of a principal <!ELEMENT self EMPTY> ...
... <!ELEMENT principal-property-search ((property-search+), prop?) > ...
... <!ELEMENT principal-search-property-set ( principal ...
... principal-search-property-set ( principal-search-property*) > <!ELEMENT ...
... search-property*) > <!ELEMENT principal-search-property (prop, description) > <!ELEMENT ...




