If a user don't have appropriate permission to a node and tries to hit document detail's page a 500 error gets reported in the access logs. This should throw a 403 error as described in JIRA:
Steps to reproduce:
- Log in as User1
- Create a Private site.
- Upload a document.
- Go to document details and copy Download link, e.g. http://localhost:8080/share/page/document-details?nodeRef=workspace://SpacesStore/70a64064-49b0-46cb-99bf-52b88a6b078d
- Log in as User2.
- Insert the link in url.
Access logs should show a 403 Error.
If you check the access logs a 500 Error gets reported
Alfresco 5.2.4, Tomcat, Postgres
Analysis to date:
Looking through Jira this was fixed in version 4.1.10. Testing this version does show a 410 Error being showed in the access logs. Please take a look at the file attached "results in access logs.txt. This file shows the difference in response code between version 4.1.10 and 5.2.4.