jspwiki-user mailing list archives

From Janne Jalkanen <Janne.Jalka...@ecyrd.com>
Subject Re: Allow tag does not restrict access
Date Mon, 13 Apr 2009 19:48:46 GMT

I was just waiting to see if the problems that had cropped up were  
real or my deployment issues.  I guess it could be launched.

/Janne

On Apr 13, 2009, at 22:41 , Harry Metske wrote:

> Well,
>
> you can find it here :
> http://www.ecyrd.com/~jalkanen/JSPWiki/2.8.2/JSPWiki-2.8.2-bin.zip
>
> Actually, we don't have a link to this on our Download page, shouldn't it be there ?
>
> Harry
>
> 2009/4/10 Carlson, Eric R <eric.carlson@kroger.com>
>
>> Andrew,
>>
>> I guess I'm confused - I'm running version 2.8.1, which I thought is the same version that has been out there since release... The download page says it dates from 21-Nov-2008. Are you referring to a different version, version 3?
>>
>>                                               Eric R. Carlson
>>
>> Eric.Carlson@kroger.com
>>                                                        (513)-387-7739
>>
>>
>> -----Original Message-----
>> From: Andrew Jaquith [mailto:andrew.r.jaquith@gmail.com]
>> Sent: Friday, April 10, 2009 12:49 PM
>> To: jspwiki-user@incubator.apache.org
>> Subject: Re: Allow tag does not restrict access
>>
>> Eric -- you've provided me with enough information to try to verify
>> your issue. I'll try to do that over the next few days.
>>
>> In the meantime, could you try the latest nightly build, and see if it
>> produces different results?
>>
>> Regards, Andrew
>>
>> On Fri, Apr 10, 2009 at 10:35 AM, Carlson, Eric R
>> <eric.carlson@kroger.com> wrote:
>>> I've been having the exact same problem, and haven't been making any headway on it, so I've gone over the FAQ to see if I can find the cause.
>>>
>>> First, I'm running JSPWiki 2.8.1.
>>>
>>> I have two user-ids I can access. One is defined as an administrator, the second one isn't. I was able to verify this by logging on to both of them, going into 'My Prefs', and clicking on the 'Profile' tab. UserA shows : Roles - All, Authenticated; Groups - None. UserB shows : Roles - All, Authenticated; Groups - Admin.
>>>
>>> I am not currently able to run the SecurityConfig.jsp application (see my other message), so I can't include the output here.
>>>
>>> I have enabled the security log, and set the logging level to DEBUG. While I see messages in the log each time I log in, I don't see any sort of messages in the security when I access a new page. I'm not sure if I should expect to see such messages, but the FAQ says to check the security log, and I don't see anything there, other than logon messages.
>>>
>>> I've also cleared all cookies and temporary internet files, and still get the same problem.
>>>
>>> Here's what I have configured in jspwiki.policy :
>>>
>>> --------------------------------
>>>
>>> grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
>>>   permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view";
>>>   permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences";
>>>   permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editProfile"
>>>   permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login";
>>> };
>>>
>>> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" {
>>> };
>>>
>>> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" {
>>> };
>>>
>>> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
>>>   permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "modify,rename";
>>>   permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view";
>>>   permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:<groupmember>", "edit";
>>>   permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages,createGroups";
>>> };
>>>
>>> grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
>>>   permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
>>> };
>>>
>>> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" {
>>>   permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
>>> };
>>>
>>> -------------------------------
>>>
>>>                                               Eric R. Carlson
>>>
>>> Eric.Carlson@kroger.com
>>>
>>> -----Original Message-----
>>> From: Harry Metske [mailto:harry.metske@gmail.com]
>>> Sent: Friday, April 10, 2009 4:23 AM
>>> To: jspwiki-user@incubator.apache.org; bhanu0608@yahoo.com
>>> Subject: Re: Allow tag does not restrict access
>>>
>>> Since we get quite a few of these questions, I started a FAQ on
>>> Authorization:
>>>
>>> http://www.jspwiki.org/wiki/FAQAuthorization
>>>
>>> feel free to add content........
>>>
>>> Harry
>>>
>>> 2009/4/9 Bhavani <bhanu0608@yahoo.com>
>>>
>>>> HI,
>>>>
>>>> We recently started implementing jspwiki. JAAS security is enabled and everything works fine. But I am not able to control access to page edits using the allow tag. Also everyone is able to edit the admin group. Even people who are not members of the group can edit the group. So please help me with the following questions.
>>>>
>>>> 1. What am I missing that the allow tag is not working as it should be ?
>>>> 2. Is there a way to control non-members from editing the groups?
>>>>
>>>> -Bhavani
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
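
Added example, not part of any message in this thread and not JSPWiki code: a small lint pass over a jspwiki.policy like the one quoted above, listing what each principal is granted, flagging permission entries that lack the terminating `;` that Java policy-file syntax requires, and flagging principals that hold AllPermission. The names `parse_policy`, `lint`, `GRANT` and `ENTRY` are this example's own, and the sample is an abridged copy of the quoted file; the thread does not establish whether either finding relates to the reported behaviour.

```python
import re

# Constructed sample: an abridged copy of the jspwiki.policy quoted in the
# thread, with mail line-wrapping undone and everything else left as posted.
SAMPLE_POLICY = '''
grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
  permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view";
  permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences";
  permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editProfile"
  permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login";
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" {
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
  permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "modify,rename";
  permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:<groupmember>", "edit";
};
grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
  permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};
'''

# One grant block: principal class, principal name, body between the braces.
GRANT = re.compile(r'grant\s+principal\s+(\S+)\s+"([^"]+)"\s*\{(.*?)\}\s*;', re.S)
# One permission entry: class, target, optional actions, optional trailing ';'.
ENTRY = re.compile(r'permission\s+(\S+)\s+"([^"]*)"(?:\s*,\s*"([^"]*)")?\s*(;?)')

def parse_policy(text):
    """Return {(principal kind, name): [(permission, target, actions, terminated)]}."""
    grants = {}
    for cls, name, body in GRANT.findall(text):
        key = (cls.rsplit('.', 1)[-1], name)
        grants[key] = [(perm.rsplit('.', 1)[-1], target,
                        actions.split(',') if actions else [], end == ';')
                       for perm, target, actions, end in ENTRY.findall(body)]
    return grants

def lint(text):
    """List entries lacking ';' and principals that hold AllPermission."""
    findings = []
    for (kind, name), entries in parse_policy(text).items():
        for perm, target, actions, terminated in entries:
            if not terminated:
                findings.append(('missing-semicolon', name, perm, ','.join(actions)))
            if perm == 'AllPermission':
                findings.append(('all-permission', name, perm, target))
    return findings

if __name__ == '__main__':
    for finding in lint(SAMPLE_POLICY):
        print(finding)
```
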

