jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Florian Holeczek <flor...@holeczek.de>
Subject security configuration question
Date Fri, 15 Aug 2008 16:20:11 GMT
Hi all,

I've just set up a public wiki which should only be accessible to
authenticated users. However, every visitor should be able to sign in.
He's then approved via the user creation workflow.

Protecting the wiki content from unauthenticated users works - but
unfortunately, neither authenticated users nor the administrator can
edit pages. Either there's no error message at all (meaning the page
content simply won't be changed) or there's an error message "you're
not allowed to do that.

Here's some part of my log:

> 2008-08-15 18:09:01,596 [httpSSLWorkerThread-8080-1] INFO
> SecurityLog BNV-GZ Wiki:/Login.jsp BNV-GZ
> Wiki:http://wiki.bnv-gz.de:8080/Login.jsp -
> WikiSecurityEvent.LOGIN_AUTHENTICATED
> [source=com.ecyrd.jspwiki.auth.AuthenticationManager@1af2bc,
> princpal=com.ecyrd.jspwiki.auth.WikiPrincipal admin,
> target=com.ecyrd.jspwiki.WikiSession@8f9a4f]
> 2008-08-15 18:09:01,597 [httpSSLWorkerThread-8080-1] INFO JSPWiki
> BNV-GZ Wiki:/Login.jsp BNV-GZ
> Wiki:http://wiki.bnv-gz.de:8080/Login.jsp - Successfully
> authenticated user admin (custom auth)
> 2008-08-15 18:09:01,599 [httpSSLWorkerThread-8080-1] INFO JSPWiki
> BNV-GZ Wiki:/Login.jsp BNV-GZ
> Wiki:http://wiki.bnv-gz.de:8080/Login.jsp - Redirecting user to
> http://wiki.bnv-gz.de:8080/wiki/Main
> 2008-08-15 18:09:01,678 [httpSSLWorkerThread-8080-0] INFO
> com.ecyrd.jspwiki.WikiServlet BNV-GZ Wiki:/wiki/Main BNV-GZ
> Wiki:http://wiki.bnv-gz.de:8080/wiki/Main - Request for page: Main
> 2008-08-15 18:09:06,810 [httpSSLWorkerThread-8080-1] INFO
> com.ecyrd.jspwiki.WikiServlet BNV-GZ Wiki:/wiki/SandBox BNV-GZ
> Wiki:http://wiki.bnv-gz.de:8080/wiki/SandBox - Request for page: SandBox
> 2008-08-15 18:09:08,807 [httpSSLWorkerThread-8080-0] INFO JSPWiki
> BNV-GZ Wiki:/Edit.jsp BNV-GZ
> Wiki:http://wiki.bnv-gz.de:8080/Edit.jsp - Editing page SandBox.
> User=Administrator, host=91.47.176.42
> 2008-08-15 18:09:24,462 [httpSSLWorkerThread-8080-0] INFO JSPWiki
> BNV-GZ Wiki:/Edit.jsp BNV-GZ
> Wiki:http://wiki.bnv-gz.de:8080/Edit.jsp - Saving page SandBox.
> User=Administrator, host=91.47.176.42
> 2008-08-15 18:09:24,545 [httpSSLWorkerThread-8080-1] INFO
> com.ecyrd.jspwiki.WikiServlet BNV-GZ Wiki:/wiki/SandBox BNV-GZ
> Wiki:http://wiki.bnv-gz.de:8080/wiki/SandBox - Request for page: SandBox

This is my jspwiki.policy:
---
grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editProfile";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login";
};

grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" {
};

grant principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" {
};

grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view,rename";
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view";
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:<groupmember>",
"edit";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages,createGroups";
};

grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};
---

What am I doing wrong?
Thanks in advance!

Best Regards
 Florian

Mime
View raw message