Return-Path: Delivered-To: apmail-incubator-jspwiki-user-archive@locus.apache.org Received: (qmail 19444 invoked from network); 26 Mar 2008 04:31:46 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 26 Mar 2008 04:31:46 -0000 Received: (qmail 95493 invoked by uid 500); 26 Mar 2008 04:31:45 -0000 Delivered-To: apmail-incubator-jspwiki-user-archive@incubator.apache.org Received: (qmail 95476 invoked by uid 500); 26 Mar 2008 04:31:45 -0000 Mailing-List: contact jspwiki-user-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jspwiki-user@incubator.apache.org Delivered-To: mailing list jspwiki-user@incubator.apache.org Received: (qmail 95467 invoked by uid 99); 26 Mar 2008 04:31:45 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Mar 2008 21:31:45 -0700 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [125.63.38.249] (HELO mx.gate01.com) (125.63.38.249) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Mar 2008 04:30:54 +0000 Received: from [58.5.213.150] (helo=ex2.pts-japan.com) by smtp33.isp.us-com.jp with smtp (Mail 4.41) id 1JeNI4-0001oJ-3G for jspwiki-user@incubator.apache.org; Wed, 26 Mar 2008 13:31:08 +0900 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: Permissions Date: Wed, 26 Mar 2008 13:34:31 +0900 Message-ID: <1256FAA4C2F57A47ADB82223ECEA5CF8023A7436@EX2.pts-japan.com> In-Reply-To: <000501c88c52$4f71bcc0$ee553640$@co.uk> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Permissions Thread-Index: AciMUk4C5YLk2ldLR2CesTBezuWsswCp4JCQ References: <000501c88c52$4f71bcc0$ee553640$@co.uk> From: "Joerg Meyer" To: X-Virus-Checked: Checked by ClamAV on apache.org I am not sure if this will solve the problem, but we had a while ago a double login issue as well. Basicall when your wiki has two different "locations" then it will occasionally require two logins. The server our wiki is setup has several aliases but after the login the wiki will relocate to its configuered location (jspwiki.properties). If the domain/server name is different then the wiki requires a second login. i.e. http://iruka/wiki login Relocate to http://wiki/wiki Have to login again Hope this helps, Joerg -----Original Message----- From: Derek Rothwell [mailto:derek@drothwell.co.uk]=20 Sent: Sunday, March 23, 2008 4:24 AM To: jspwiki-user@incubator.apache.org Subject: Permissions I want to set up permissions so that everybody has to log in to make any changes, and to login for any revisions to be noted. With the config below: - when a user has a cookie, they can make a change, but then find it isn't saved. The page revision is updated even though no change has been made. It's the page revision that's the problem. - when a user has a cookie, JSPWiki detects who they are. They login and find that they move to an "anonymous guest" state. They login a second time and then they are properly asserted. It's the second login that's the problem. Please can you tell me how to correct this behaviour. I'm using JSPWiki 2.6.1 Derek // The first policy block is extremely loose, and unsuited for public-facing wikis. // Anonymous users are allowed to view, create, edit and comment on all pages // (except group pages). Anonymous users can also register with the wiki; // to edit their profile after registration, they must log in. // // Note: For Internet-facing wikis, you are strongly advised to remove the // lines containing the "edit" and "createPages" permissions; this will make // the wiki read-only for anonymous users. grant signedBy "jspwiki", principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" { permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view"; // permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "edit"; // permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages"; // permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editProfile"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login"; }; // This next policy block is also pretty loose. It allows users who claim to // be someone (via their cookie) to view, create, edit and comment on all pages // (except group pages). Anonymous users can also register with the wiki; // to edit their profile after registration, they must log in. grant signedBy "jspwiki", principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" { // permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "edit"; // permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view"; // permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages"; // permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editProfile"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login"; }; // Authenticated users can do most things: view, create, edit and=20 // comment on all pages; upload files to existing ones; create and edit // wiki groups; and rename existing pages. Authenticated users can register // with the wiki, edit their own profiles, and edit groups they create. grant signedBy "jspwiki",=20 principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" { permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "modify,rename"; permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view"; permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:", "edit"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages,createGroups"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editProfile"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login"; };