WikiSecurityEvent is a sublass of WikiEvent for security events: login/logout, wiki group adds/changes, and authorization decisions. When a WikiSecurityEvent is constructed, the security logger is notified. It defines the event types as described below.

These events are logged with priority ERROR:

  • login failed - bad credential or password : When a login fails due to wrong username or password.

These events are logged with priority WARN:

  • login failed - credential expired : When a login fails due to credential expiration.
  • login failed - account expired : When a login fails due to account expiration.

These events are logged with priority INFO:

  • login authenticated : When a user authenticates with a username and password, or via container auth.
  • logout : When a user logs out.
  • session expired : When a session expires.
  • user profile name changed : When a user profile name changes.

These events are not logged:

  • access allowed : When access to a resource is allowed.
  • access denied : When access to a resource is allowed.
  • login initiated : When a user's attempts to log in as guest, via cookies, using a password or otherwise.
  • login anonymous : When a user first accesses JSPWiki, but before logging in or setting a cookie.
  • login asserted : When a user sets a cookie to assert their identity.
  • user profile saved : When a user profile is saved.
  • add group : When a new wiki group is added.
  • remove group : When a wiki group is deleted.
  • clear all groups : When all wiki groups are removed from GroupDatabase.

These events no longer exist:

  • add group member : DESCRIPTION TBD
  • remove group member : DESCRIPTION TBD
  • clear all members from group : DESCRIPTION TBD

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-2) was last changed on 18-Jul-2007 03:23 by MurrayAltheim