incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Carol Hassler" <Carol.Hass...@wicourts.gov>
Subject Re: wiki security and the policy file
Date Wed, 09 Nov 2011 19:53:33 GMT
Hi all,
 
Anyone have any ideas why the jspwiki.policy code below won't work with
JSPwiki 2.8.4?
 
thanks

>>> "Carol Hassler" <Carol.Hassler@wicourts.gov> 10/25/2011 12:17 PM
>>>
Thanks for your response.

As a last-ditch effort, I tried to give this wiki group full
permission
in the jspwiki.policy file by copying the "Admin" group info and
changing the group name (maybe I got this wrong?):

grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "WSLLAdmins" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};


Prior to trying that, I had also tried:

grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "WSLLAdmins" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission
"*:*",
"delete";
};


All test members were already in the wiki group "WSLLAdmins". 

I should note that all other restrictions we set in the policy file DO
work. So we restricted users who weren't signed in from editing the
wiki
and that continues to work totally fine. That's why I was wondering if
I
was using the wrong syntax for this other "WSLLAdmins" wiki group.


I don't have access to the log files (long story). I'll see if I can
find out more. In the meantime, is there something obviously wrong
with
either of the commands included above? Maybe I just misunderstood how
those work.

thanks!
Carol


>>> Florian Holeczek <florian@holeczek.de> 10/25/2011 11:33 AM >>>
Hello Carol,

could you post the policy settings you're trying to set?
Do the log files tell anything?
Which groups are the relevant users in?
Which Servlet Container / Application Server are you using, and which
version and vendor of Java is it run with? Is it running without a
security manager (see JSPWIKI-129)?
Please also have a look at the mail thread in
http://www.mail-archive.com/jspwiki-user@incubator.apache.org/msg02855.html

Regards
Florian


----- Urspr√ľngliche Mail -----
Von: "Carol Hassler" <Carol.Hassler@wicourts.gov>
An: jspwiki-user@incubator.apache.org
Gesendet: Dienstag, 25. Oktober 2011 17:41:52
Betreff: wiki security and the policy file

Hello,

I am trying to set up limited permissions for a specific wiki group
(call the group "WikiAdmins") to delete pages. I don't want to grant
them the full power of the Admin group, so I'm trying to set limited
permissions via the policy file.

I've been following instructions here:
http://doc.jspwiki.org/2.4/wiki/Wiki.Admin.Security#section-Wiki.Admin.Security-ModifyingTheDefaultSecurityPolicy

And can't seem to get these permissions to work. I even tried copying
directly the "Admin" permissions already in the policy file, pasting
those onto the end of the file and changing the group name to
"WikiAdmins", but that doesn't seem to work for me either.

Does anyone have any suggestions for what I'm missing here? We're on
v.2.8.4.

Thanks!
Carol

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message