incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ed Thompson <ed4be...@gmail.com>
Subject ACL in jspWiki
Date Wed, 27 Jul 2011 14:43:15 GMT
trying to get a new instance of jspWiki to recognize changes I have made ins
jspwiki.policy:

grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
"login";
};

grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
"view";
};

grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};


When I login as a user that does NOT have admin privileges, they still have
edit writes to all pages.  It seems to be because this code:

    protected final boolean verifyStaticPermission( Principal principal,
final Permission permission )
    {
        Subject subject = new Subject();
        subject.getPrincipals().add( principal );
        boolean allowedByGlobalPolicy = ((Boolean)
            Subject.doAsPrivileged( subject, new PrivilegedAction<Object>()
...

always returns  true.

I don't know enough about that call to know where to turn.  Anyone have a
direction?  I am running the latest version 2.8.4 under Websphere 7.0.9

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message