incubator-jspwiki-user mailing list archives

From Florian Hopf <h...@synyx.de>
Subject Integrating JSPWiki in another webapp
Date Fri, 04 Jan 2008 17:15:06 GMT
Hi,
I'm currently in the process of integrating JSPWiki in a different
webapp and have some problems regarding authorization.

I want the wiki to be integrated completely in my webapp and use only
the login of my webapp. The wiki is not supposed to be visible at all
for anonymous users.

I developed a LoginModule that retrieves the user information from
the session. The relevant section of the LoginModule:

                WikiPrincipal userPrincipal = new WikiPrincipal(user.getCmsUserName());
               
                // If login succeeds, commit these principals/roles
                m_principals.add(userPrincipal);
                m_principals.add(Role.AUTHENTICATED);
                m_principals.add(Role.ALL);

                // If login succeeds, overwrite these principals/roles
                m_principalsToOverwrite.add( WikiPrincipal.GUEST );
                m_principalsToOverwrite.add(Role.ANONYMOUS);
                m_principalsToOverwrite.add(Role.ASSERTED);
               
                // If login fails, remove these roles
                m_principalsToRemove.add(Role.AUTHENTICATED);

                return true;

I adjusted the jspwiki.jaas configuration to look like this:

JSPWiki-container {
   my.LoginModule       SUFFICIENT;
   com.ecyrd.jspwiki.auth.login.AnonymousLoginModule       SUFFICIENT;
};

I still use the WebContainerAuthorizer; as long as I'm always logged in,
this shouldn't matter?

I adjusted jspwiki.policy to look like this (only Authenticated
permissions):

... keystore and code policies ...

grant signedBy "jspwiki",
  principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "rename";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages";
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "JSPWiki";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login";
};

Now when I access the main page everything seems to work fine (it
displays my user name on the left bar), but I can't click any links
because I don't have access to any page. The log says:

User hopf has no access - forbidden (permission=("com.ecyrd.jspwiki.auth.permissions.PagePermission","JSPWiki:UndefinedPages","view"))

I ran a debugger session to find out what's wrong. My session subject
contains all three principals (the WikiPrincipal and the two roles ALL
and AUTHENTICATED) but all security checks for PagePermissions fail. I
tried to include all PagePermissions (edit, view, ...) but this didn't
help either.

Am I on the right track trying to integrate the wiki in my user
management or am I doing something wrong?

Thanks for any help
Florian

