On Feb 1, 2008 1:21 AM, Greg Hamer <[EMAIL PROTECTED]> wrote:
> Is there currently a setting whereby Roller will allow blog entries to be
> viewed only by logged users?
>
> Essentially making the entire Roller instance Protected?
There is no Roller configuration parameter, but since Roller uses Spring
Acegi for authenticatio, I think you could do that by modifying the Spring
Acegi configuration file WEB-INF/security.xml.
For example, what if you were to add the "/**" pattern below to the
filterInvocationInterceptor?
<bean id="filterInvocationInterceptor" class="
org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value>
<value>
PATTERN_TYPE_APACHE_ANT
/**=admin,editor
I think that might do the trick.
- Dave
On Nov 28, 2007 7:40 AM, Dave <[EMAIL PROTECTED]> wrote:
>
> > On Nov 28, 2007 10:24 AM, Thinkboy <[EMAIL PROTECTED]> wrote:
> > > On 2007-11-26 22:44:57 +0800, Dave <[EMAIL PROTECTED]> said:
> > >
> > > > On Nov 21, 2007 5:47 AM, Thinkboy <[EMAIL PROTECTED]>
> wrote:
> > > >> I am thinking how to set a certain blog as private , then whoever
> > > >> trying to view this entry will be authenticated.
> > > >
> > > > What if weblog posts had the following levels of privacy:
> > > >
> > > > - Private: only members of the blog can see the entry
> > > > - Protected: only logged in Roller users can see the entry
> > > > - Public: everybody (including anonymous visitors) can see the entry
> > > >
> > > > Would that be sufficient?
> > >
> > > yes, this is exactly what I am thinking too (private, protected,
> > > public) . i believe, it is a great feature!
> > >
> > > very appreciated that roller community does consider this in the near
> > > future release. COOL! . :-D
> >
> > Despite the fact that I just spent a month or more reworking Roller's
> > user/permissions management system (http://tinyurl.com/28br55 is now
> > in trunk), I don't have an immediate requirement for private/protected
> > weblogs or weblog entries and I don't think any of the other
> > contributors do either. I *do* think these are important features,
> > but I just don't have a requirement for them right now.
> >
> > So, if you really want protected/private blog posts, you might have to
> > push pretty hard for it, i.e. look at the source code, understand the
> > permission system, propose & discuss some solution(s) and if that goes
> > well develop a patch.
> >
> > - Dave
> >
>
