incubator-jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Harry Metske" <harry.met...@gmail.com>
Subject Re: weird access rights issue, was: Re: security configuration question
Date Tue, 19 Aug 2008 08:18:11 GMT
Florian,

I think we had similar problems in the past (unfortunately my long term
memory is bad).
The symptoms were that (mostly) the main page was not publicly accessible
anymore, only for administrators.
Looking at the source of the page, there were no ACL's on it.
The workaround for this was always Edit the page (add something to it) and
save it.
This problem occurred on average 3 times a week.

The problem was solved after an upgrade, but I don't know anymore to which
version (you can see the version history on my personal page on jspwiki.org
).

We currently run 2.7.0-svn-44, and we don't have the problem anymore.

Hope this helps,
Harry

2008/8/19 Florian Holeczek <florian@holeczek.de>

> Hi all,
>
> I think I can at least reproduce this problem now, but still don't
> know what exactly is causing it.
>
> The cause seems to be in the german core pages. I've used them on
> Glassfish 2ur2 on a Solaris Nevada machine as well as on my local
> Tomcat 6 (Windows XP machine).
> So it's at least container-independent.
> It's also not depending on the security policy - appeared with both my
> restrictive policy as well as the standard jspwiki.policy.
>
> The problem appears quite often on the Main page (not editable
> although it should be). If not, try adding a comment to the SandBox.
> At first, edit and comment are available, but when posting the
> comment, in most cases the error "you are not allowed to do
> that" appears. After this, the SandBox isn't editable anymore.
>
> Could someone else try to reproduce it, too? The only thing you have
> to do is using the german core pages from the trunk. It even doesn't
> matter if there are additional pages in the page directory.
>
> Regards
>  Florian
>
> Urspr√ľngliche Nachricht vom 17.08.2008 um 23:01:
>
> > You need to make a test comment, then a few edits without comments.
> > Check if the comment appears in recentchanges even though it should not.
>
> > Also, do you have access limitations in LeftMenu or any of the other
> > included pages?
>
> > /Janne
>
> > On 17 Aug 2008, at 23:54, Florian Holeczek wrote:
>
> >> I can hardly test this, because the wiki isn't in use (yet).
> >> Tried to do a test comment, but at least this time JSPWIKI-27 didn't
> >> occur.
> >>
> >> Just opened all pages. The error occured on about 5 of the core pages
> >> this time (which are about 30).
> >> Once the error occurs, it's always the same: I have no rights but to
> >> view the page.
> >>
> >> Regards
> >>  Florian
> >>
> >> Urspr√ľngliche Nachricht vom 17.08.2008 um 22:23:
> >>
> >>> Are you experiencing also the symptoms of JSPWIKI-27?  It could be
> >>> the same cause - but I don't really, really, really know what is
> >>> going on.  I've been trying to fix this since 2.2.x or something...
> >>
> >>> /Janne
> >>
> >>> On 17 Aug 2008, at 23:07, Florian Holeczek wrote:
> >>
> >>>> Hi all,
> >>>>
> >>>> I've got some more details in this problem. Seems as if the access
> >>>> rights toggle randomly across time and pages!
> >>>>
> >>>> Anybody else experienced this before or knows how to detect what's
> >>>> wrong?
> >>>>
> >>>> Should I create a JIRA entry on it?
> >>>>
> >>>> Regards
> >>>>  Florian
> >>>>
> >>>> Urspr√ľngliche Nachricht vom 17.08.2008 um 14:02:
> >>>>> Here are the log files when trying to edit Main:
> >>>>
> >>>>>> 2008-08-17 14:01:51,464 [httpSSLWorkerThread-8080-1] DEBUG
> >>>>>> com.ecyrd.jspwiki.auth.AuthorizationManager BNV-GZ Wiki:/Edit.jsp
> >>>>>> BNV-GZ Wiki:http://wiki.bnv-gz.de:8080/Edit.jsp - Checking for
> >>>>>> principal: [Ljava.security.Principal;@78b6b3
> >>>>>> 2008-08-17 14:01:51,464 [httpSSLWorkerThread-8080-1] DEBUG
> >>>>>> com.ecyrd.jspwiki.auth.AuthorizationManager BNV-GZ Wiki:/Edit.jsp
> >>>>>> BNV-GZ Wiki:http://wiki.bnv-gz.de:8080/Edit.jsp - Permission:
> >>>>>> ("com.ecyrd.jspwiki.auth.permissions.PagePermission","BNV-GZ
> >>>>>> Wiki:Main","edit")
> >>>>>> 2008-08-17 14:01:51,464 [httpSSLWorkerThread-8080-1] INFO
> >>>>>> com.ecyrd.jspwiki.WikiContext BNV-GZ Wiki:/Edit.jsp BNV-GZ
> >>>>>> Wiki:http://wiki.bnv-gz.de:8080/Edit.jsp - User Florian
> >>>>>> Holeczek has
> >>>>>> no access - forbidden
> >>>>>> (permission=
> >>>>>> ("com.ecyrd.jspwiki.auth.permissions.PagePermission","BNV-GZ
> >>>>>> Wiki:Main","edit"))
> >>>>
> >>>>>  Florian
> >>>>
> >>
>
>


-- 
met vriendelijke groet,
Harry Metske
Telnr. +31-548-512395
Mobile +31-6-51898081
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message