You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jspwiki.apache.org by "Harry Metske (JIRA)" <ji...@apache.org> on 2011/09/18 17:24:08 UTC

[jira] [Closed] (JSPWIKI-687) 2.8.4 - ACL/jspwiki.policy ignored

     [ https://issues.apache.org/jira/browse/JSPWIKI-687?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Harry Metske closed JSPWIKI-687.
--------------------------------

    Resolution: Invalid

There has been a long mail discussion about this, see http://www.mail-archive.com/jspwiki-user@incubator.apache.org/msg02870.html 



> 2.8.4 - ACL/jspwiki.policy ignored
> ----------------------------------
>
>                 Key: JSPWIKI-687
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-687
>             Project: JSPWiki
>          Issue Type: Bug
>          Components: Authentication&Authorization
>    Affects Versions: 2.8.4
>         Environment: CentOS 5.5, JDK 1.6.0_24, JSPWiki 2.8.4
>            Reporter: Ken George
>            Priority: Critical
>              Labels: security
>
> For some reason, security policy file (jspwiki.policy) is being ignored!  This was working, but for some reason, inexplicably stopped.  Re-installed product using downloaded .war file on new machine and followed same steps to implement restricted access for Anonymous/Asserted users and removed access to ALL users (with acception of Admin user) - problem still exists!  Setting ACL in page [{ALLOW view Admin}] on Main, LeftMenu, News pages is also ignored and not taken into affect with user attempts to view page (user can still EDIT page even though policy removed modify from PagePermissions).

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira