This is version . It is not the current version, and thus it cannot be edited.
[Back to current version]   [Restore this version]

Authorization#


Q
Anyone can edit my pages, even when I put an ALLOW tag on the page that should prohibit editing.

A

  • Make sure the person editing the page is not a JSPWiki Administrator (bypassing all ACL processing). Check User Preferences => Profiles
  • Check your admin/SecurityConfig.jsp, it tells you all about your security configuration, see this example output(info). To use this jsp, you should first put jspwiki-x.securityconfig.enable=true in jspwiki.properties
  • Check your JSPWiki logs after increasing the debug levels. You configure your logging in jspwiki.properties (<= version 2.8), or via WEB-INF/classes/log4j.properties (>= version 3.0). You should have a jspwiki.log and a security.log
  • Make sure you don't get a cached copy of the page (either from your browser cache, or from a proxy). Clear your browser cache, and force a page reload.

Q
I have a rather restrictive policy for my wiki having a default that only allow authorized users to view pages. I have a couple of pages that should be public, and I added ALLOW view All to them, but that does not work.

A
With page ACL's you can only further restrict permissions, and not widen them up.

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
html
SecurityConfig.jsp.html 65.2 kB 1 10-Apr-2009 11:21 Harry Metske
« This particular version was published on 10-Apr-2009 16:55 by HarryMetske.