incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bhavani <bhanu0...@yahoo.com>
Subject Re: Allow tag does not restrict access
Date Fri, 10 Apr 2009 19:03:20 GMT
Here is what I have changed:

------------------------------------------------------
jspwiki.policy: Commented out all the permissions for All, Ananymous and Asserted roles and
just kept the Admin and Authenticated roles.

grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" {
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" {
};

grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "modify,rename";
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view";
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:<groupmember>",
"edit";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages,createGroups";
};

grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};

------------------------------------------------------
jspwiki.properties: Using a custom login module and enabled JAAS security:

jspwiki.loginModule.class =com.ecyrd.jspwiki.auth.login.UserDatabaseLoginModule
jspwiki.security =jaas
------------------------------------------------------
web.xml: Added a filter and mappings for authenticating using SSO

   <filter>
      <filter-name>AuthenticationFilter</filter-name>
      <filter-class>com.hgst.wiki.sso.SSOAuthenticationFilter</filter-class>
    <init-param>
        <param-name>redirectUrl</param-name>
        <param-value>/sso/wiki</param-value>
    </init-param>
    <init-param>
        <param-name>logoutUrl</param-name>
        <param-value>/portal/site/hiwire/template.LOGOUT/action.process/</param-value>
    </init-param>
    <init-param>
        <param-name>hiwireUrl</param-name>
        <param-value>/portal/site/hiwire</param-value>
    </init-param>
   </filter>

   <filter-mapping >
       <filter-name>AuthenticationFilter</filter-name>
       <url-pattern>/*</url-pattern>
       <dispatcher>REQUEST</dispatcher>
       <dispatcher>FORWARD</dispatcher>
   </filter-mapping>
------------------------------------------------------

The page I am trying to view has the following content:
[{ALLOW view Administrator}]
[{ALLOW edit Administrator}]
This is a wiki admin group.
------------------------------------------------------

Pls let me know if you need any other info.

-Bhavani
--- On Fri, 4/10/09, Janne Jalkanen <janne.jalkanen@ecyrd.com> wrote:
From: Janne Jalkanen <janne.jalkanen@ecyrd.com>
Subject: Re: Allow tag does not restrict access
To: jspwiki-user@incubator.apache.org
Date: Friday, April 10, 2009, 1:14 PM

Can you please provide more information about your configuration?   
What did you change from the stock setup?

/Janne





      
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message