[
https://issues.apache.org/jira/browse/JSPWIKI-16?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Florian Holeczek closed JSPWIKI-16.
-----------------------------------
> Problem with group security and membership
> ------------------------------------------
>
> Key: JSPWIKI-16
> URL: https://issues.apache.org/jira/browse/JSPWIKI-16
> Project: JSPWiki
> Issue Type: Bug
> Components: Authentication&Authorization
> Affects Versions: 2.5.139-beta
> Environment: Tomcat 5.5.17 jre 1.50.13
> Reporter: Alex Samad
>
> Hi
>
>
>
>
>
> I am having a problem with 2.5.138 and group membership and the ability to
>
>
> upload attachments
>
>
>
>
>
> on the top of one of my pages I had this (my site setup to not allow anony
>
>
> modifications)
>
>
>
>
>
> [{ALLOW view Anonymous}]
>
>
> [{ALLOW edit Family}]
>
>
>
>
>
> the Family group is made up of this
>
>
> <group name="Family" creator="Alex Samad" created="2006.10.21 at 15:58:05:778
>
>
> EST" modifier="AlexSamad" lastModified="2007.10.07 at 04:17:11:050 EST">
>
>
> <member principal="kathrinhuf" />
>
>
> <member principal="kathrin huf" />
>
>
> <member principal="kathrin" />
>
>
> <member principal="Alex Samad" />
>
>
> <member principal="alex" />
>
>
> </group>
>
>
>
>
>
>
>
>
> I use container authentication but this is the user.xml
>
>
> <users>
>
>
> <user loginName="alex" wikiName="alex" fullName="Alex Samad"
>
>
> email="[email protected]" password="" created="2006.10.20 at 15:58:16:561
> EST"
>
> lastModified="2006.10.21 at 15:42:55:658 EST" />
>
>
> <user loginName="kathrin" wikiName="kathrin" fullName="Kathrin Huf"
>
>
> email="[email protected]" password="" created="2006.10.20 at 15:58:16:561
>
>
> EST" lastModified="Jul 17, 2006 8:03:23 PM" />
>
>
>
>
>
>
>
>
> in ldap I have 2 user called alex and kathrin that map to the above 2
>
>
>
>
>
> both of us can edit the page, but only I can upload attachments to the page,
>
>
> when kathrin looks at the attachment page she is told only authenticated
> users
>
> can upload....
>
>
>
>
>
> when I remove the to ALLOW statements we both have access
>
>
>
>
>
> from jspwiki.policy
>
>
> grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
>
>
> permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
> "view";
>
> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
>
>
> "editPreferences";
>
>
> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
>
>
> "editProfile";
>
>
> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
> "login";
>
> };
>
>
>
>
>
>
>
>
> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" {
>
>
> permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
>
>
> "modify";
>
>
> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
>
>
> "createPages";
>
>
> };
>
>
>
>
>
> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" {
>
>
> permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "modify";
>
>
> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
>
>
> "createPages";
>
>
> permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view";
>
>
> };
>
>
>
>
>
>
>
>
> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
>
>
> permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
>
>
> "modify,rename";
>
>
> permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view";
>
>
> permission com.ecyrd.jspwiki.auth.permissions.GroupPermission
>
>
> "*:<groupmember>", "edit";
>
>
> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
>
>
> "createPages,createGroups";
>
>
> };
>
>
>
>
>
> grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
>
>
> permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
>
>
> };
>
>
> grant principal com.ecyrd.jspwiki.auth.authorize.Role "WikiAdmin" {
>
>
> permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
>
>
> };
>
>
>
>
>
> I have created a role called WikiAdmin.
>
>
>
>
>
>
>
>
> So has any one else seen this problem ? Or is it because I have done
> something
>
> strange with my security setup
>
>
>
>
>
> Alex
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
