!! Authorization

----
__Q__ 
\\Anyone can edit my pages, even when I put an ALLOW tag on the page that should prohibit editing.

__A__
* Make sure the person editing the page is not a JSPWiki Administrator (bypassing all ACL processing). Check User Preferences => Profiles
* Check your admin/SecurityConfig.jsp, it tells you all about your security configuration, see this [example output|SecurityConfig.jsp.html]
* Check your JSPWiki logs after increasing the debug levels. You configure your logging in jspwiki.properties (<=2.8), or via WEB-INF/classes/log4j.properties. You should have a jspwiki.log and a security.log
* Make sure you don't get a cached copy of the page (either from your browser cache, or from a proxy). Clear your browser cache, and force a page reload.

----