You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@jspwiki.apache.org by Rolf Schumacher <ro...@august.de> on 2015/06/23 23:44:56 UTC
Closed
Dear JSPWiki insiders
I would like to open a JSPWiki to a limited set of contributers.
I did several experiments with editing jspwiki.policy without success.
I must say I am not able to understand the logic behind it and stopped
trying it.
Is there just an ready-to-use example of a jspwiki.policy for a limited
set of users?
--
Viele Grüße, Best Regards
Rolf Schumacher
RE: Closed
Posted by Rolf Schumacher <ro...@august.de>.
Ok, thank you Xiaoming.
I do not really understand your answer to my question. Currently in my
new wiki there are only the standard pages. The wiki does not contain
any user pages yet. They have to come. Usually you start entering pages
by navigating from the main page to other pages - but it is not possible
here to open it by the jspwiki.policy you provided.
If the provided jspwiki.policy works on your site there should be a
difference in our installations. Do you got an idea to find the
difference?
---
Viele Grüße, Best Regards
Rolf Schumacher
Am 29.06.2015 17:52, schrieb Xiaoming Yang:
> Basically, I don't put much info on Main page. All valuable info are
> put on pages that can only be seen by 'Authenticated' role.
>
> Regards,
> Xiaoming
>
>
> -----Original Message-----
> From: Rolf Schumacher [mailto:rolf@august.de]
> Sent: 29 June 2015 16:09
> To: user@jspwiki.apache.org
> Subject: RE: Closed
>
> Yes, understand, Xiaoming.
>
> I tried to make it secure via https:// in order to have a bit of
> security that no-one in-between can listen to the content. Opening
> viewing for all would do just the opposite, the use-case I tried to
> exclude.
>
> My application is project communication such as meeting notes,
> decisions on architecture and algorithms, intermediate analysis,
> interesting links, tool configurations, ...
> Customer names may be mentioned so I got to be cautious.
>
> Any other idea for me to access main page with strict access policy?
>
> ---
> Viele Grüße, Best Regards
>
> Rolf Schumacher
>
> Am 29.06.2015 15:00, schrieb Xiaoming Yang:
>> Hi, Rolf,
>>
>> The easiest way to solve your problem is to simply give 'view' right
>> to 'All' as below.
>>
>> grant principal org.apache.wiki.auth.authorize.Role "All" {
>> permission org.apache.wiki.auth.permissions.PagePermission
>> "*:Main", "view";
>> // permission org.apache.wiki.auth.permissions.WikiPermission "*",
>> "editPreferences";
>> // permission org.apache.wiki.auth.permissions.WikiPermission "*",
>> "editProfile";
>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>> "login"; };
>>
>> Regards,
>> Xiaoming
>>
>>
>> -----Original Message-----
>> From: Rolf Schumacher [mailto:rolf@august.de]
>> Sent: 29 June 2015 13:03
>> To: user@jspwiki.apache.org
>> Cc: Xiaoming Yang
>> Subject: RE: Closed
>>
>> I pasted it here: http://paste.siduction.org/20150629120129
>>
>> It supposed to be exactly what you mailed to me, Xiaoming.
>>
>> ---
>> Viele Grüße, Best Regards
>>
>> Rolf Schumacher
>>
>> Am 29.06.2015 11:07, schrieb Xiaoming Yang:
>>> What does your policy look like, Rolf?
>>>
>>> Regards,
>>> Xiaoming
>>>
>>> -----Original Message-----
>>> From: Rolf Schumacher [mailto:rolf@august.de]
>>> Sent: 28 June 2015 13:50
>>> To: user@jspwiki.apache.org
>>> Subject: RE: Closed
>>>
>>> Thank you for your answer, Xiaoming
>>>
>>>
>>> Had a few problems with entering the first new name to
>>> userdatabase.xml.
>>> With some complicated procedure I had the luck of being authenticated
>>> - according to logging (back-and-forth with old an new
>>> jspwiki.policy, cannot commit "easy").
>>>
>>> Now I am facing a followup problem that I am not able to solve on my
>>> own: the user seems to be authenticated but is not allowed of viewing
>>> Main page.
>>> Here are the logging messages:
>>>
>>> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
>>> Jspwiki:/jspwiki/Login.jsp
>>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
>>> - Successfully authenticated user ngong (custom auth)
>>> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
>>> Jspwiki:/jspwiki/Login.jsp
>>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
>>> - Redirecting user to https://wiki.url.com/Wiki.jsp?page=Main
>>> 2015-06-28 14:29:40,487 [http-nio-8080-exec-7] INFO
>>> org.apache.wiki.auth.AuthorizationManager Jspwiki:/jspwiki/Wiki.jsp
>>> Jspwiki:http://wiki.url.com/jspwiki/Wiki.jsp - User The Name has no
>>> access - redirecting
>>> (permission=("org.apache.wiki.auth.permissions.PagePermission","Jspwi
>>> k
>>> i:Main","view"))
>>> 2015-06-28 14:29:40,499 [http-nio-8080-exec-8] INFO
>>> org.apache.wiki.util.PropertyReader Jspwiki:/jspwiki/Login.jsp
>>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp - No
>>> jspwiki.custom.config defined for this context, looking for custom
>>> properties file with default name of: /jspwiki-custom.properties
>>>
>>>
>>> Do you got another hint for me?
>>>
>>> ---
>>> Viele Grüße, Best Regards
>>>
>>> Rolf Schumacher
>>>
>>> Am 24.06.2015 06:22, schrieb Xiaoming Yang:
>>>> Hi Rolf,
>>>>
>>>> It is quite easy to create your own policy. For example, here is my
>>>> policy, which only allow Authenticated users to use the wiki.
>>>>
>>>> /--------------
>>>>
>>>> grant principal org.apache.wiki.auth.authorize.Role "All" {
>>>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>>>> "login"; };
>>>>
>>>> grant principal org.apache.wiki.auth.authorize.Role "Anonymous" { };
>>>>
>>>> grant principal org.apache.wiki.auth.authorize.Role "Asserted" { };
>>>>
>>>> grant principal org.apache.wiki.auth.authorize.Role "Authenticated"
>>>> {
>>>> permission org.apache.wiki.auth.permissions.PagePermission
>>>> "*:*", "view,modify,rename";
>>>> permission org.apache.wiki.auth.permissions.GroupPermission
>>>> "*:*", "view";
>>>> permission org.apache.wiki.auth.permissions.GroupPermission
>>>> "*:<groupmember>", "edit";
>>>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>>>> "createPages,createGroups"; };
>>>>
>>>> --------------/
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Xiaoming
>>>>
>>>> ________________________________________
>>>> From: Rolf Schumacher [rolf@august.de]
>>>> Sent: 23 June 2015 22:44
>>>> To: user@jspwiki.apache.org
>>>> Subject: Closed
>>>>
>>>> Dear JSPWiki insiders
>>>>
>>>> I would like to open a JSPWiki to a limited set of contributers.
>>>> I did several experiments with editing jspwiki.policy without
>>>> success.
>>>> I must say I am not able to understand the logic behind it and
>>>> stopped trying it.
>>>>
>>>> Is there just an ready-to-use example of a jspwiki.policy for a
>>>> limited set of users?
>>>>
>>>> --
>>>> Viele Grüße, Best Regards
>>>>
>>>> Rolf Schumacher
RE: Closed
Posted by Xiaoming Yang <xi...@ctsu.ox.ac.uk>.
Basically, I don't put much info on Main page. All valuable info are put on pages that can only be seen by 'Authenticated' role.
Regards,
Xiaoming
-----Original Message-----
From: Rolf Schumacher [mailto:rolf@august.de]
Sent: 29 June 2015 16:09
To: user@jspwiki.apache.org
Subject: RE: Closed
Yes, understand, Xiaoming.
I tried to make it secure via https:// in order to have a bit of security that no-one in-between can listen to the content. Opening viewing for all would do just the opposite, the use-case I tried to exclude.
My application is project communication such as meeting notes, decisions on architecture and algorithms, intermediate analysis, interesting links, tool configurations, ...
Customer names may be mentioned so I got to be cautious.
Any other idea for me to access main page with strict access policy?
---
Viele Grüße, Best Regards
Rolf Schumacher
Am 29.06.2015 15:00, schrieb Xiaoming Yang:
> Hi, Rolf,
>
> The easiest way to solve your problem is to simply give 'view' right
> to 'All' as below.
>
> grant principal org.apache.wiki.auth.authorize.Role "All" {
> permission org.apache.wiki.auth.permissions.PagePermission
> "*:Main", "view";
> // permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "editPreferences";
> // permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "editProfile";
> permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "login"; };
>
> Regards,
> Xiaoming
>
>
> -----Original Message-----
> From: Rolf Schumacher [mailto:rolf@august.de]
> Sent: 29 June 2015 13:03
> To: user@jspwiki.apache.org
> Cc: Xiaoming Yang
> Subject: RE: Closed
>
> I pasted it here: http://paste.siduction.org/20150629120129
>
> It supposed to be exactly what you mailed to me, Xiaoming.
>
> ---
> Viele Grüße, Best Regards
>
> Rolf Schumacher
>
> Am 29.06.2015 11:07, schrieb Xiaoming Yang:
>> What does your policy look like, Rolf?
>>
>> Regards,
>> Xiaoming
>>
>> -----Original Message-----
>> From: Rolf Schumacher [mailto:rolf@august.de]
>> Sent: 28 June 2015 13:50
>> To: user@jspwiki.apache.org
>> Subject: RE: Closed
>>
>> Thank you for your answer, Xiaoming
>>
>>
>> Had a few problems with entering the first new name to
>> userdatabase.xml.
>> With some complicated procedure I had the luck of being authenticated
>> - according to logging (back-and-forth with old an new
>> jspwiki.policy, cannot commit "easy").
>>
>> Now I am facing a followup problem that I am not able to solve on my
>> own: the user seems to be authenticated but is not allowed of viewing
>> Main page.
>> Here are the logging messages:
>>
>> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
>> Jspwiki:/jspwiki/Login.jsp
>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
>> - Successfully authenticated user ngong (custom auth)
>> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
>> Jspwiki:/jspwiki/Login.jsp
>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
>> - Redirecting user to https://wiki.url.com/Wiki.jsp?page=Main
>> 2015-06-28 14:29:40,487 [http-nio-8080-exec-7] INFO
>> org.apache.wiki.auth.AuthorizationManager Jspwiki:/jspwiki/Wiki.jsp
>> Jspwiki:http://wiki.url.com/jspwiki/Wiki.jsp - User The Name has no
>> access - redirecting
>> (permission=("org.apache.wiki.auth.permissions.PagePermission","Jspwi
>> k
>> i:Main","view"))
>> 2015-06-28 14:29:40,499 [http-nio-8080-exec-8] INFO
>> org.apache.wiki.util.PropertyReader Jspwiki:/jspwiki/Login.jsp
>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp - No
>> jspwiki.custom.config defined for this context, looking for custom
>> properties file with default name of: /jspwiki-custom.properties
>>
>>
>> Do you got another hint for me?
>>
>> ---
>> Viele Grüße, Best Regards
>>
>> Rolf Schumacher
>>
>> Am 24.06.2015 06:22, schrieb Xiaoming Yang:
>>> Hi Rolf,
>>>
>>> It is quite easy to create your own policy. For example, here is my
>>> policy, which only allow Authenticated users to use the wiki.
>>>
>>> /--------------
>>>
>>> grant principal org.apache.wiki.auth.authorize.Role "All" {
>>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>>> "login"; };
>>>
>>> grant principal org.apache.wiki.auth.authorize.Role "Anonymous" { };
>>>
>>> grant principal org.apache.wiki.auth.authorize.Role "Asserted" { };
>>>
>>> grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
>>> permission org.apache.wiki.auth.permissions.PagePermission
>>> "*:*", "view,modify,rename";
>>> permission org.apache.wiki.auth.permissions.GroupPermission
>>> "*:*", "view";
>>> permission org.apache.wiki.auth.permissions.GroupPermission
>>> "*:<groupmember>", "edit";
>>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>>> "createPages,createGroups"; };
>>>
>>> --------------/
>>>
>>>
>>> Regards,
>>>
>>> Xiaoming
>>>
>>> ________________________________________
>>> From: Rolf Schumacher [rolf@august.de]
>>> Sent: 23 June 2015 22:44
>>> To: user@jspwiki.apache.org
>>> Subject: Closed
>>>
>>> Dear JSPWiki insiders
>>>
>>> I would like to open a JSPWiki to a limited set of contributers.
>>> I did several experiments with editing jspwiki.policy without
>>> success.
>>> I must say I am not able to understand the logic behind it and
>>> stopped trying it.
>>>
>>> Is there just an ready-to-use example of a jspwiki.policy for a
>>> limited set of users?
>>>
>>> --
>>> Viele Grüße, Best Regards
>>>
>>> Rolf Schumacher
RE: Closed
Posted by Rolf Schumacher <ro...@august.de>.
Yes, understand, Xiaoming.
I tried to make it secure via https:// in order to have a bit of
security that no-one in-between can listen to the content. Opening
viewing for all would do just the opposite, the use-case I tried to
exclude.
My application is project communication such as meeting notes, decisions
on architecture and algorithms, intermediate analysis, interesting
links, tool configurations, ...
Customer names may be mentioned so I got to be cautious.
Any other idea for me to access main page with strict access policy?
---
Viele Grüße, Best Regards
Rolf Schumacher
Am 29.06.2015 15:00, schrieb Xiaoming Yang:
> Hi, Rolf,
>
> The easiest way to solve your problem is to simply give 'view' right
> to 'All' as below.
>
> grant principal org.apache.wiki.auth.authorize.Role "All" {
> permission org.apache.wiki.auth.permissions.PagePermission
> "*:Main", "view";
> // permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "editPreferences";
> // permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "editProfile";
> permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "login";
> };
>
> Regards,
> Xiaoming
>
>
> -----Original Message-----
> From: Rolf Schumacher [mailto:rolf@august.de]
> Sent: 29 June 2015 13:03
> To: user@jspwiki.apache.org
> Cc: Xiaoming Yang
> Subject: RE: Closed
>
> I pasted it here: http://paste.siduction.org/20150629120129
>
> It supposed to be exactly what you mailed to me, Xiaoming.
>
> ---
> Viele Grüße, Best Regards
>
> Rolf Schumacher
>
> Am 29.06.2015 11:07, schrieb Xiaoming Yang:
>> What does your policy look like, Rolf?
>>
>> Regards,
>> Xiaoming
>>
>> -----Original Message-----
>> From: Rolf Schumacher [mailto:rolf@august.de]
>> Sent: 28 June 2015 13:50
>> To: user@jspwiki.apache.org
>> Subject: RE: Closed
>>
>> Thank you for your answer, Xiaoming
>>
>>
>> Had a few problems with entering the first new name to
>> userdatabase.xml.
>> With some complicated procedure I had the luck of being authenticated
>> - according to logging (back-and-forth with old an new jspwiki.policy,
>> cannot commit "easy").
>>
>> Now I am facing a followup problem that I am not able to solve on my
>> own: the user seems to be authenticated but is not allowed of viewing
>> Main page.
>> Here are the logging messages:
>>
>> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
>> Jspwiki:/jspwiki/Login.jsp
>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
>> - Successfully authenticated user ngong (custom auth)
>> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
>> Jspwiki:/jspwiki/Login.jsp
>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
>> - Redirecting user to https://wiki.url.com/Wiki.jsp?page=Main
>> 2015-06-28 14:29:40,487 [http-nio-8080-exec-7] INFO
>> org.apache.wiki.auth.AuthorizationManager Jspwiki:/jspwiki/Wiki.jsp
>> Jspwiki:http://wiki.url.com/jspwiki/Wiki.jsp - User The Name has no
>> access - redirecting
>> (permission=("org.apache.wiki.auth.permissions.PagePermission","Jspwik
>> i:Main","view"))
>> 2015-06-28 14:29:40,499 [http-nio-8080-exec-8] INFO
>> org.apache.wiki.util.PropertyReader Jspwiki:/jspwiki/Login.jsp
>> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp - No
>> jspwiki.custom.config defined for this context, looking for custom
>> properties file with default name of: /jspwiki-custom.properties
>>
>>
>> Do you got another hint for me?
>>
>> ---
>> Viele Grüße, Best Regards
>>
>> Rolf Schumacher
>>
>> Am 24.06.2015 06:22, schrieb Xiaoming Yang:
>>> Hi Rolf,
>>>
>>> It is quite easy to create your own policy. For example, here is my
>>> policy, which only allow Authenticated users to use the wiki.
>>>
>>> /--------------
>>>
>>> grant principal org.apache.wiki.auth.authorize.Role "All" {
>>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>>> "login"; };
>>>
>>> grant principal org.apache.wiki.auth.authorize.Role "Anonymous" { };
>>>
>>> grant principal org.apache.wiki.auth.authorize.Role "Asserted" { };
>>>
>>> grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
>>> permission org.apache.wiki.auth.permissions.PagePermission "*:*",
>>> "view,modify,rename";
>>> permission org.apache.wiki.auth.permissions.GroupPermission
>>> "*:*", "view";
>>> permission org.apache.wiki.auth.permissions.GroupPermission
>>> "*:<groupmember>", "edit";
>>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>>> "createPages,createGroups"; };
>>>
>>> --------------/
>>>
>>>
>>> Regards,
>>>
>>> Xiaoming
>>>
>>> ________________________________________
>>> From: Rolf Schumacher [rolf@august.de]
>>> Sent: 23 June 2015 22:44
>>> To: user@jspwiki.apache.org
>>> Subject: Closed
>>>
>>> Dear JSPWiki insiders
>>>
>>> I would like to open a JSPWiki to a limited set of contributers.
>>> I did several experiments with editing jspwiki.policy without
>>> success.
>>> I must say I am not able to understand the logic behind it and
>>> stopped trying it.
>>>
>>> Is there just an ready-to-use example of a jspwiki.policy for a
>>> limited set of users?
>>>
>>> --
>>> Viele Grüße, Best Regards
>>>
>>> Rolf Schumacher
RE: Closed
Posted by Xiaoming Yang <xi...@ctsu.ox.ac.uk>.
Hi, Rolf,
The easiest way to solve your problem is to simply give 'view' right to 'All' as below.
grant principal org.apache.wiki.auth.authorize.Role "All" {
permission org.apache.wiki.auth.permissions.PagePermission "*:Main", "view";
// permission org.apache.wiki.auth.permissions.WikiPermission "*", "editPreferences";
// permission org.apache.wiki.auth.permissions.WikiPermission "*", "editProfile";
permission org.apache.wiki.auth.permissions.WikiPermission "*", "login";
};
Regards,
Xiaoming
-----Original Message-----
From: Rolf Schumacher [mailto:rolf@august.de]
Sent: 29 June 2015 13:03
To: user@jspwiki.apache.org
Cc: Xiaoming Yang
Subject: RE: Closed
I pasted it here: http://paste.siduction.org/20150629120129
It supposed to be exactly what you mailed to me, Xiaoming.
---
Viele Grüße, Best Regards
Rolf Schumacher
Am 29.06.2015 11:07, schrieb Xiaoming Yang:
> What does your policy look like, Rolf?
>
> Regards,
> Xiaoming
>
> -----Original Message-----
> From: Rolf Schumacher [mailto:rolf@august.de]
> Sent: 28 June 2015 13:50
> To: user@jspwiki.apache.org
> Subject: RE: Closed
>
> Thank you for your answer, Xiaoming
>
>
> Had a few problems with entering the first new name to
> userdatabase.xml.
> With some complicated procedure I had the luck of being authenticated
> - according to logging (back-and-forth with old an new jspwiki.policy,
> cannot commit "easy").
>
> Now I am facing a followup problem that I am not able to solve on my
> own: the user seems to be authenticated but is not allowed of viewing
> Main page.
> Here are the logging messages:
>
> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
> Jspwiki:/jspwiki/Login.jsp
> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
> - Successfully authenticated user ngong (custom auth)
> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
> Jspwiki:/jspwiki/Login.jsp
> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
> - Redirecting user to https://wiki.url.com/Wiki.jsp?page=Main
> 2015-06-28 14:29:40,487 [http-nio-8080-exec-7] INFO
> org.apache.wiki.auth.AuthorizationManager Jspwiki:/jspwiki/Wiki.jsp
> Jspwiki:http://wiki.url.com/jspwiki/Wiki.jsp - User The Name has no
> access - redirecting
> (permission=("org.apache.wiki.auth.permissions.PagePermission","Jspwik
> i:Main","view"))
> 2015-06-28 14:29:40,499 [http-nio-8080-exec-8] INFO
> org.apache.wiki.util.PropertyReader Jspwiki:/jspwiki/Login.jsp
> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp - No
> jspwiki.custom.config defined for this context, looking for custom
> properties file with default name of: /jspwiki-custom.properties
>
>
> Do you got another hint for me?
>
> ---
> Viele Grüße, Best Regards
>
> Rolf Schumacher
>
> Am 24.06.2015 06:22, schrieb Xiaoming Yang:
>> Hi Rolf,
>>
>> It is quite easy to create your own policy. For example, here is my
>> policy, which only allow Authenticated users to use the wiki.
>>
>> /--------------
>>
>> grant principal org.apache.wiki.auth.authorize.Role "All" {
>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>> "login"; };
>>
>> grant principal org.apache.wiki.auth.authorize.Role "Anonymous" { };
>>
>> grant principal org.apache.wiki.auth.authorize.Role "Asserted" { };
>>
>> grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
>> permission org.apache.wiki.auth.permissions.PagePermission "*:*",
>> "view,modify,rename";
>> permission org.apache.wiki.auth.permissions.GroupPermission
>> "*:*", "view";
>> permission org.apache.wiki.auth.permissions.GroupPermission
>> "*:<groupmember>", "edit";
>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>> "createPages,createGroups"; };
>>
>> --------------/
>>
>>
>> Regards,
>>
>> Xiaoming
>>
>> ________________________________________
>> From: Rolf Schumacher [rolf@august.de]
>> Sent: 23 June 2015 22:44
>> To: user@jspwiki.apache.org
>> Subject: Closed
>>
>> Dear JSPWiki insiders
>>
>> I would like to open a JSPWiki to a limited set of contributers.
>> I did several experiments with editing jspwiki.policy without success.
>> I must say I am not able to understand the logic behind it and
>> stopped trying it.
>>
>> Is there just an ready-to-use example of a jspwiki.policy for a
>> limited set of users?
>>
>> --
>> Viele Grüße, Best Regards
>>
>> Rolf Schumacher
RE: Closed
Posted by Rolf Schumacher <ro...@august.de>.
I pasted it here: http://paste.siduction.org/20150629120129
It supposed to be exactly what you mailed to me, Xiaoming.
---
Viele Grüße, Best Regards
Rolf Schumacher
Am 29.06.2015 11:07, schrieb Xiaoming Yang:
> What does your policy look like, Rolf?
>
> Regards,
> Xiaoming
>
> -----Original Message-----
> From: Rolf Schumacher [mailto:rolf@august.de]
> Sent: 28 June 2015 13:50
> To: user@jspwiki.apache.org
> Subject: RE: Closed
>
> Thank you for your answer, Xiaoming
>
>
> Had a few problems with entering the first new name to
> userdatabase.xml.
> With some complicated procedure I had the luck of being authenticated
> - according to logging (back-and-forth with old an new jspwiki.policy,
> cannot commit "easy").
>
> Now I am facing a followup problem that I am not able to solve on my
> own: the user seems to be authenticated but is not allowed of viewing
> Main page.
> Here are the logging messages:
>
> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
> Jspwiki:/jspwiki/Login.jsp
> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
> - Successfully authenticated user ngong (custom auth)
> 2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
> Jspwiki:/jspwiki/Login.jsp
> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
> - Redirecting user to https://wiki.url.com/Wiki.jsp?page=Main
> 2015-06-28 14:29:40,487 [http-nio-8080-exec-7] INFO
> org.apache.wiki.auth.AuthorizationManager Jspwiki:/jspwiki/Wiki.jsp
> Jspwiki:http://wiki.url.com/jspwiki/Wiki.jsp - User The Name has no
> access - redirecting
> (permission=("org.apache.wiki.auth.permissions.PagePermission","Jspwiki:Main","view"))
> 2015-06-28 14:29:40,499 [http-nio-8080-exec-8] INFO
> org.apache.wiki.util.PropertyReader Jspwiki:/jspwiki/Login.jsp
> Jspwiki:http://wiki.url.com/jspwiki/Login.jsp - No
> jspwiki.custom.config defined for this context, looking for custom
> properties file with default name of: /jspwiki-custom.properties
>
>
> Do you got another hint for me?
>
> ---
> Viele Grüße, Best Regards
>
> Rolf Schumacher
>
> Am 24.06.2015 06:22, schrieb Xiaoming Yang:
>> Hi Rolf,
>>
>> It is quite easy to create your own policy. For example, here is my
>> policy, which only allow Authenticated users to use the wiki.
>>
>> /--------------
>>
>> grant principal org.apache.wiki.auth.authorize.Role "All" {
>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>> "login"; };
>>
>> grant principal org.apache.wiki.auth.authorize.Role "Anonymous" { };
>>
>> grant principal org.apache.wiki.auth.authorize.Role "Asserted" { };
>>
>> grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
>> permission org.apache.wiki.auth.permissions.PagePermission "*:*",
>> "view,modify,rename";
>> permission org.apache.wiki.auth.permissions.GroupPermission "*:*",
>> "view";
>> permission org.apache.wiki.auth.permissions.GroupPermission
>> "*:<groupmember>", "edit";
>> permission org.apache.wiki.auth.permissions.WikiPermission "*",
>> "createPages,createGroups"; };
>>
>> --------------/
>>
>>
>> Regards,
>>
>> Xiaoming
>>
>> ________________________________________
>> From: Rolf Schumacher [rolf@august.de]
>> Sent: 23 June 2015 22:44
>> To: user@jspwiki.apache.org
>> Subject: Closed
>>
>> Dear JSPWiki insiders
>>
>> I would like to open a JSPWiki to a limited set of contributers.
>> I did several experiments with editing jspwiki.policy without success.
>> I must say I am not able to understand the logic behind it and stopped
>> trying it.
>>
>> Is there just an ready-to-use example of a jspwiki.policy for a
>> limited set of users?
>>
>> --
>> Viele Grüße, Best Regards
>>
>> Rolf Schumacher
RE: Closed
Posted by Xiaoming Yang <xi...@ctsu.ox.ac.uk>.
What does your policy look like, Rolf?
Regards,
Xiaoming
-----Original Message-----
From: Rolf Schumacher [mailto:rolf@august.de]
Sent: 28 June 2015 13:50
To: user@jspwiki.apache.org
Subject: RE: Closed
Thank you for your answer, Xiaoming
Had a few problems with entering the first new name to userdatabase.xml.
With some complicated procedure I had the luck of being authenticated - according to logging (back-and-forth with old an new jspwiki.policy, cannot commit "easy").
Now I am facing a followup problem that I am not able to solve on my
own: the user seems to be authenticated but is not allowed of viewing Main page.
Here are the logging messages:
2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki Jspwiki:/jspwiki/Login.jsp Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
- Successfully authenticated user ngong (custom auth)
2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki Jspwiki:/jspwiki/Login.jsp Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
- Redirecting user to https://wiki.url.com/Wiki.jsp?page=Main
2015-06-28 14:29:40,487 [http-nio-8080-exec-7] INFO org.apache.wiki.auth.AuthorizationManager Jspwiki:/jspwiki/Wiki.jsp Jspwiki:http://wiki.url.com/jspwiki/Wiki.jsp - User The Name has no access - redirecting
(permission=("org.apache.wiki.auth.permissions.PagePermission","Jspwiki:Main","view"))
2015-06-28 14:29:40,499 [http-nio-8080-exec-8] INFO org.apache.wiki.util.PropertyReader Jspwiki:/jspwiki/Login.jsp Jspwiki:http://wiki.url.com/jspwiki/Login.jsp - No jspwiki.custom.config defined for this context, looking for custom properties file with default name of: /jspwiki-custom.properties
Do you got another hint for me?
---
Viele Grüße, Best Regards
Rolf Schumacher
Am 24.06.2015 06:22, schrieb Xiaoming Yang:
> Hi Rolf,
>
> It is quite easy to create your own policy. For example, here is my
> policy, which only allow Authenticated users to use the wiki.
>
> /--------------
>
> grant principal org.apache.wiki.auth.authorize.Role "All" {
> permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "login"; };
>
> grant principal org.apache.wiki.auth.authorize.Role "Anonymous" { };
>
> grant principal org.apache.wiki.auth.authorize.Role "Asserted" { };
>
> grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
> permission org.apache.wiki.auth.permissions.PagePermission "*:*",
> "view,modify,rename";
> permission org.apache.wiki.auth.permissions.GroupPermission "*:*",
> "view";
> permission org.apache.wiki.auth.permissions.GroupPermission
> "*:<groupmember>", "edit";
> permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "createPages,createGroups"; };
>
> --------------/
>
>
> Regards,
>
> Xiaoming
>
> ________________________________________
> From: Rolf Schumacher [rolf@august.de]
> Sent: 23 June 2015 22:44
> To: user@jspwiki.apache.org
> Subject: Closed
>
> Dear JSPWiki insiders
>
> I would like to open a JSPWiki to a limited set of contributers.
> I did several experiments with editing jspwiki.policy without success.
> I must say I am not able to understand the logic behind it and stopped
> trying it.
>
> Is there just an ready-to-use example of a jspwiki.policy for a
> limited set of users?
>
> --
> Viele Grüße, Best Regards
>
> Rolf Schumacher
RE: Closed
Posted by Rolf Schumacher <ro...@august.de>.
Thank you for your answer, Xiaoming
Had a few problems with entering the first new name to userdatabase.xml.
With some complicated procedure I had the luck of being authenticated -
according to logging (back-and-forth with old an new jspwiki.policy,
cannot commit "easy").
Now I am facing a followup problem that I am not able to solve on my
own: the user seems to be authenticated but is not allowed of viewing
Main page.
Here are the logging messages:
2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
Jspwiki:/jspwiki/Login.jsp Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
- Successfully authenticated user ngong (custom auth)
2015-06-28 14:29:40,481 [http-nio-8080-exec-6] INFO JSPWiki
Jspwiki:/jspwiki/Login.jsp Jspwiki:http://wiki.url.com/jspwiki/Login.jsp
- Redirecting user to https://wiki.url.com/Wiki.jsp?page=Main
2015-06-28 14:29:40,487 [http-nio-8080-exec-7] INFO
org.apache.wiki.auth.AuthorizationManager Jspwiki:/jspwiki/Wiki.jsp
Jspwiki:http://wiki.url.com/jspwiki/Wiki.jsp - User The Name has no
access - redirecting
(permission=("org.apache.wiki.auth.permissions.PagePermission","Jspwiki:Main","view"))
2015-06-28 14:29:40,499 [http-nio-8080-exec-8] INFO
org.apache.wiki.util.PropertyReader Jspwiki:/jspwiki/Login.jsp
Jspwiki:http://wiki.url.com/jspwiki/Login.jsp - No jspwiki.custom.config
defined for this context, looking for custom properties file with
default name of: /jspwiki-custom.properties
Do you got another hint for me?
---
Viele Grüße, Best Regards
Rolf Schumacher
Am 24.06.2015 06:22, schrieb Xiaoming Yang:
> Hi Rolf,
>
> It is quite easy to create your own policy. For example, here is my
> policy, which only allow Authenticated users to use the wiki.
>
> /--------------
>
> grant principal org.apache.wiki.auth.authorize.Role "All" {
> permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "login";
> };
>
> grant principal org.apache.wiki.auth.authorize.Role "Anonymous" {
> };
>
> grant principal org.apache.wiki.auth.authorize.Role "Asserted" {
> };
>
> grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
> permission org.apache.wiki.auth.permissions.PagePermission "*:*",
> "view,modify,rename";
> permission org.apache.wiki.auth.permissions.GroupPermission "*:*",
> "view";
> permission org.apache.wiki.auth.permissions.GroupPermission
> "*:<groupmember>", "edit";
> permission org.apache.wiki.auth.permissions.WikiPermission "*",
> "createPages,createGroups";
> };
>
> --------------/
>
>
> Regards,
>
> Xiaoming
>
> ________________________________________
> From: Rolf Schumacher [rolf@august.de]
> Sent: 23 June 2015 22:44
> To: user@jspwiki.apache.org
> Subject: Closed
>
> Dear JSPWiki insiders
>
> I would like to open a JSPWiki to a limited set of contributers.
> I did several experiments with editing jspwiki.policy without success.
> I must say I am not able to understand the logic behind it and stopped
> trying it.
>
> Is there just an ready-to-use example of a jspwiki.policy for a limited
> set of users?
>
> --
> Viele Grüße, Best Regards
>
> Rolf Schumacher
RE: Closed
Posted by Xiaoming Yang <xi...@ctsu.ox.ac.uk>.
Hi Rolf,
It is quite easy to create your own policy. For example, here is my policy, which only allow Authenticated users to use the wiki.
/--------------
grant principal org.apache.wiki.auth.authorize.Role "All" {
permission org.apache.wiki.auth.permissions.WikiPermission "*", "login";
};
grant principal org.apache.wiki.auth.authorize.Role "Anonymous" {
};
grant principal org.apache.wiki.auth.authorize.Role "Asserted" {
};
grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
permission org.apache.wiki.auth.permissions.PagePermission "*:*", "view,modify,rename";
permission org.apache.wiki.auth.permissions.GroupPermission "*:*", "view";
permission org.apache.wiki.auth.permissions.GroupPermission "*:<groupmember>", "edit";
permission org.apache.wiki.auth.permissions.WikiPermission "*", "createPages,createGroups";
};
--------------/
Regards,
Xiaoming
________________________________________
From: Rolf Schumacher [rolf@august.de]
Sent: 23 June 2015 22:44
To: user@jspwiki.apache.org
Subject: Closed
Dear JSPWiki insiders
I would like to open a JSPWiki to a limited set of contributers.
I did several experiments with editing jspwiki.policy without success.
I must say I am not able to understand the logic behind it and stopped
trying it.
Is there just an ready-to-use example of a jspwiki.policy for a limited
set of users?
--
Viele Grüße, Best Regards
Rolf Schumacher