jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Jaquith <andrew.jaqu...@me.com>
Subject Re: Single page permission
Date Thu, 14 Aug 2008 20:30:39 GMT
Page ACLs can't grant more access than the security policy already  
allows.  If the security policy is more restrictive than the ACL, it  
overrides the ACL.

Your policy doesn't grant any kind of "read" access to page "Main."  
You'd need to specify a PagePermission of "read" for a page scope that  
includes "Main." You ACL will work if you do this. Of course, if you  
are trying to lock the wiki down super-tight, it would be simpler just  
to enumerate the pages you want to allow access to in the policy,  
rather than by using ACLs.

Andrew

On Aug 14, 2008, at 3:57 PM, Fabiano Bonin wrote:

> Hi all!
>
> I´m configuring a very closed Wiki, with the policy below basically
> for my own use, but with some few public pages.
>
> My "Main" page starts with this line:
>
> [{ALLOW view All}]
>
> But i can´t access it with anonymous, asserted or even authenticated
> users, expect me, the Admin. Is it expected?
>
> Regards,
>
> Fabiano Bonin
>
> grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
>    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",  
> "login";
> };
> grant principal com.ecyrd.jspwiki.auth.authorize.Role  
> "Authenticated" {
> };
> grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
>    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
> };
> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" {
>    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
> };


Mime
View raw message