incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Janne Jalkanen <Janne.Jalka...@ecyrd.com>
Subject Re: ALLOW tag not working properly
Date Thu, 12 Feb 2009 17:59:34 GMT
> But I guess I'm a little confused about the way the [{ALLOW view  
> userid}] functions.   Since it is part of the JSPWiki page text, I  
> would think it would have to be processed at the level where the  
> page is being viewed, not through the security setup.   The security  
> setup would decide whether a user is allowed to view or edit pages  
> in general.   I would imagine that the [{ALLOW view userid}] tag  
> works after a user is attempting to pull up the page in question -  
> more at the JSPWiki level than at the security level.


Well, whenever the page is changed, we parse the text and find all  
ALLOW statements, then store them in the page ACL.  And yeah, the  
security subsystem first checks the ACLs before the page content is  
even read.

/Janne

Mime
View raw message