is it possible to use negative ACL entries for a resource? I mean, the API provides a check for isNegative() but I have never seen a negative IResourceAclEntry yet. Besides, I could not figure out how to specify a deny Permission within the KMC. The only thing I could manage to do is the "normal" specification of allow-permissions and service permissions. Perhaps anybody knows how to set a negative permission for a resource within the KMC-Portal area.
Thanks in advance,
we planned to provide negative ACL entries. In fact it is partially implemented, but it emerged that it is hard to visualize the permission settings when negative ACL entries are used. Furthermore negative ACL entries often confused customers so we decided not to provide them anymore.
Currently there are no plans to provide negative ACL entries.