jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Weijian Fang" ...@ecs.soton.ac.uk>
Subject Control access to page according to its name pattern
Date Thu, 29 May 2008 15:04:54 GMT
Hi,

I am using JSPWiki 2.6.2. I want to implement the following access
contorl policies:

1. anyone, either anonymous or authenticated, can view any page,
except pages whose names begin with "Private", e.g.,
"PrivateProjectInformation";

2. only users with proper roles can view or edit pages whose names
begin with "Private".

Policy 2 can be implemented if Policy 1 is not in place. It can be
done by putting the following into jspwiki.policy:

grant
  principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission
"*:Private*", "view";
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission
"*:Private*", "edit";
}

I don't know how to implement both policies at the same time. Any
suggestion? Thank you very much in advance!

Cheers,

Weijian

Mime
View raw message