Add new attachment

Only authorized users are allowed to upload new attachments.

This page (revision-7) was last changed on 14-Jan-2007 21:35 by KeithSwenson  

This page was created on 30-Dec-2006 10:45 by KeithSwenson

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 31 changed one line
-[Keith Swenson]
-- [Keith Swenson]
At line 49 added 17 lines
Andrew:
The J2EE authentication is consistent with the way I suggest it should work, but it is a little too severe: you can not see anything unless logged in. This is also consistent with HTTP authentication, where the challenge and the subsequent login request stays on the same address -- there is no separate address.
The Wiki is a little more flexible than this, there are many modes of operation, but the one I need most commonly is: it allows viewing of pages when not logged in, but editing of the page allowed only when you are logged in. This is supported very well with the current implementation. The page has a particular address; the page at that addres either appears with or without edit button depending upon whether you are are logged in. The description at the top covers this case, as well as a number of other cases, in the desire to set forth a design principle
The main inconvenience I encounter in the current release: I browse around and find a page without being logged in. I want to edit that page so I click the login button and enter username/password. As a result of this, I find myself at the main wiki page and I have to browse, sometimes several clicks and scrolls, to get back to that page. Maybe if it is in the breadcrumbs it is only one click. But the point is that going back to the main page is NEVER what I want.
Janne challenged me to contribute something. I have been browsing around the code, which is a bit of a learning experience due to the amount of custom tags. I have discovered that the "Login.jsp" page is prepared to receive a "redirect" parameter, and if that is supplied, will go to that page after login. The only problem is that the "Login" link on all the pages does not include that redirect parameter. In my version here, I made a small change (two lines) to the "PageActions.jsp" to include the name of the current page in the Login link, and it works! When I am on a page, and click "login" I end up back on that same page after login. I added a few lines to "Logout.jsp" to accept a similar "redirect" parameter and Logout works the same way.
I believe this is the desired behavior: viewing a page, login and stay on that page, logout and stay on that page. It is not quite perfect from a purist point of view: the address of the page that displays the login prompt is different from the page. This is acceptable since requesting login is not a proper "state" of the session (but it could be....). However in cases where the page can ONLY be viewed when logged in it would be convenient to put the login prompt directly on the page.
Assuming there is agreement that this is an improvement (and there is evidence for this since it appears that it was already half implemented this way) I would like to check this change in, and I am trying to figure out how to do this.
-- [Keith Swenson]
Version Date Modified Size Author Changes ... Change note
7 14-Jan-2007 21:35 10.025 kB KeithSwenson to previous
6 02-Jan-2007 20:33 7.128 kB Andrew Jaquith to previous | to last
5 02-Jan-2007 20:33 7.138 kB Andrew Jaquith to previous | to last Comment by Andrew Jaquith
4 30-Dec-2006 17:05 5.533 kB JanneJalkanen to previous | to last answered Keith
3 30-Dec-2006 11:18 5.339 kB KeithSwenson to previous | to last
2 30-Dec-2006 10:57 2.213 kB KeithSwenson to previous | to last
1 30-Dec-2006 10:45 0.635 kB KeithSwenson to last
« This page (revision-7) was last changed on 14-Jan-2007 21:35 by KeithSwenson