TitleUser Profile not getting loaded at login
Date09-Jan-2007 07:56:45 EET
Version2.4.87
SubmitterDaveWolf
Bug criticalityBadBug
Browser versionFirefox 2.0.0.1 on OSX 10.4.8
Bug statusClosedBug
PageProvider usedcom.ecyrd.jspwiki.providers.VersioningFileProvider
Servlet ContainerTomcat 5.5.20
Operating SystemFedora 2
URLhttp://wiki.progressnow.org:8180/wiki/Wiki.jsp?page=Main
Java version1.6

The User Profile is not getting set from the saved values, when I log on. I have several user ids so that I can test the security configuration. I set up each profile with its own skin so that it is obvious which login I'm using at any given time. However, what I've found is that when I log out / in from one user id to another, the user profile values from the one just logged out are carried over to the current one. This is occuring on the same workstation, so I guess it is not going to hit too many folks.

I currently maintain three different Wikis - two at work (both behind a firewall) and this one. All three are using the BrushedTemplate (brushed-v2.4.x.zip).

I'm certainly open that the problem might be in the policy file. Below is a copy:

grant signedBy "jspwiki",
  principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editProfile";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login";
};


// This next policy block is also pretty loose. It allows users who claim to
// be someone (via their cookie) to view, create, edit and comment on all pages
// (except group pages). Anonymous users can also register with the wiki;
// to edit their profile after registration, they must log in.

grant signedBy "jspwiki",
  principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login";
};


// Authenticated users can do most things: view, create, edit and
// comment on all pages; upload files to existing ones; create and edit
// wiki groups; and rename existing pages. Authenticated users can register
// with the wiki, edit their own profiles, and edit groups they create.

grant signedBy "jspwiki",
  principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view";
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editProfile";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login";
};

// Accepted users can do most things: view, create, edit and
// comment on all pages; upload files to existing ones; create and edit
// wiki groups; and rename existing pages. Accepted users can register
// with the wiki, edit their own profiles, and edit groups they create.

grant signedBy "jspwiki",
  principal com.ecyrd.jspwiki.auth.GroupPrincipal "Accepted" {
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "edit";
    permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "modify,rename";
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages";
    permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages,createGroups";
};

grant signedBy "jspwiki",
  principal com.ecyrd.jspwiki.auth.GroupPrincipal "ProgressNowPrincipals" {
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:<groupmember>", "edit";
};


// Administrators (principals or roles possessing AllPermission)
// are allowed to delete any page, and can edit, rename and delete
// groups. You should match the permission target (here, 'JSPWiki')
// with the value of the 'jspwiki.applicationName' property in
// jspwiki.properties. Two administative groups are set up below:
// the wiki group "Admin" (stored by default in wiki page GroupAdmin)
// and the container role "Admin" (managed by the web container).

grant signedBy "jspwiki",
  principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "ColoWiki";
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "edit";
};
grant signedBy "jspwiki",
  principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" {
    permission com.ecyrd.jspwiki.auth.permissions.AllPermission "ColoWiki";
    permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "edit";
};

Does anything look amiss?


Please do not forget to enclose any literals within a {{{ }}} -block!

Will do! --DaveWolf

Dave, their exists 2 types of preferences: preferences saved as part of the User's Profile, such as Mail address, names. All Browers related preferences, saved in the cookie of the Browser, such as Skin, Time&Date. (BrushedTemplate only) So this is not a bug, but implemented like that. Obviously, you could fire a NewIdea to get some of those parameters added to the user's profile. --DF
Ahh, I see, bad assumption on my part. Thanks for the explanation and suggestion. Maybe it would make sense to check for the data in the user's page and use it if it is there. Done, see IdeaStoreUserProfileAttributesInUsersPageAsMetaData --DaveWolf

Since it has gone over to a new Idea I think we should close this one.

--HarryMetske

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-13) was last changed on 24-Mar-2007 19:11 by HarryMetske