[
https://issues.apache.org/jira/browse/JSPWIKI-345?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Florian Holeczek closed JSPWIKI-345.
------------------------------------
> Security Policy for a Single User
> ---------------------------------
>
> Key: JSPWIKI-345
> URL: https://issues.apache.org/jira/browse/JSPWIKI-345
> Project: JSPWiki
> Issue Type: Bug
> Components: Authentication&Authorization
> Affects Versions: 2.6.3
> Environment: Tomcat 6.0 on RHEL5.
> Reporter: Paul Edelman
> Assignee: Andrew Jaquith
> Priority: Minor
> Fix For: 2.8.1
>
>
> The procedure listed in
> http://doc.jspwiki.org/2.4/wiki/Security#section-Security-CustomizingJSPWikiSecurity
> regarding creating a security policy for an individual user does not appear
> to work. After having followed the instructions several times we are unable
> to grant specific access to an individual user in JSPWiki. To be certain
> that the changes had taken affected we did restart the application between
> changes. We are certain that the user existed and could login with other
> default permissions. We even removed all other custom policies to see if
> they were in conflict and added only the users policy. After attempting
> login for the given user none of the permissions granted to them in the
> policy had effect. The policy for the user was defined as such:
> grant principal "Username" {
> permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
> "view, modify";
> };
> This is likely a matter of out dated documentation, or a misunderstanding of
> how to grant the principal. We later added a group principal for a group
> containing only the user and the permissions went into affect without any
> problems. We would rather like to not have to create a user and user group
> for each user we create that we want to give a special security policy to.
> Thanks.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
