| Title | Code signing is unnecessary |
| Date | 25-Feb-2006 01:04:17 EET |
| Version | 2.3 |
| Submitter | 89.55.177.112 |
| Bug criticality | LightBug |
| Browser version | |
| Bug status | NewBug |
| PageProvider used | |
| Servlet Container | Tomcat 5.5 |
| Operating System | Win32, Linux |
| URL | |
| Java version | 5.0 |
JSPWiki uses jspwiki.policy entries like ({) grant signedBy "jspwiki" principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" (})
The signedBy is unnecessary, it suffices to grant to principals.
I deleted all signedBy "jspwiki", the security code still works. I tested Sun JDK 5.0 with XP and Linux.
The signing makes development unnecessaryly difficult.
Add new attachment
Only authorized users are allowed to upload new attachments.
«
This particular version was published on 25-Feb-2006 01:04 by 89.55.177.112.
JSPWiki
- Features
- Download
- Documentation
- Templates
- Plugins
- Provider
- Filters
- Support
- FAQ
- Irc Channel
- Mailing List
- Weblog
- Applications
- Getting Involved
- JSPWIKI Testers
Development
Internet Search