It may depend on the version of JSPWiki that you are running. Step 1.
What are the container roles that have been defined? Easy way to find out is to http://yourwiki:8080/admin/frameset.jsp and select "Roles". Hopefully, you'll see something like... Role Name Description Admin DATASET/some.madeup.or.real.name/READ manager FACILITY/BPX.SERVER/READ user DATASET/another.dataset.name/ALTER Then off to the JSPWiki stuff in web.xml in the directory ../tomcat/webapps/JSPWiki/WEB-INF/web.xml Find the security constraint section... <security-constraint> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>/Edit.jsp</url-pattern> <url-pattern>/Upload.jsp</url-pattern> <url-pattern>/Comment.jsp</url-pattern> <url-pattern>/Delete.jsp</url-pattern> <http-method>DELETE</http-method> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>HEAD</http-method> <http-method>PUT</http-method> </web-resource-collection> <web-resource-collection> <web-resource-name>Read-only Area</web-resource-name> <url-pattern>/attach</url-pattern> <http-method>DELETE</http-method> <http-method>POST</http-method> <http-method>PUT</http-method> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> <role-name>user</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>JSPWiki Editor</realm-name> </login-config> The real important stuff is located in the <auth-constraint> .. the <role-name> should exist as a "Role" in the Tomcat "Role List". It is an exact match which means that "Admin" and "admin" are to completely different roles... and then have to different SAF dataset checks for authorization. -Rob Schramm p.s. I think you'll find that just having security turned on generates a lot of tracking. The need to actually lock some pages and not others becomes more of a moot point if the user's userid is attached to every edit that they perform. -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Benjamin Thompson Sent: Tuesday, March 13, 2007 8:51 PM To: IBM-MAIN@BAMA.UA.EDU Subject: JSPWiki and RACF This question might be best answered by Mr Wiki himself Rob Schramm, but I am sure others have resolved or looked into this issue. We have been running JSPWiki for sometime on z/OS, but now have a requirement to lock access to some of the pages. I have implemented jzos within tomcat so that SAF calls to RACF now work. The bit that I am stuck on is how to get JSPWiki though jspwiki.properties using the rolls defined (RACF) within tomcat. I have found a reference in the JSPwiki documentation to jspwiki.useContainerAuth = false, but the documentation seems to be altille lite. Thanks Benjamin Thompson Systems Programmer Department of Corporate and Information Services www.nt.gov.au ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
