trying to get a new instance of jspWiki to recognize changes I have made ins
jspwiki.policy:
grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
"login";
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
"view";
};
grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" {
permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" {
permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};
When I login as a user that does NOT have admin privileges, they still have
edit writes to all pages. It seems to be because this code:
protected final boolean verifyStaticPermission( Principal principal,
final Permission permission )
{
Subject subject = new Subject();
subject.getPrincipals().add( principal );
boolean allowedByGlobalPolicy = ((Boolean)
Subject.doAsPrivileged( subject, new PrivilegedAction<Object>()
...
always returns true.
I don't know enough about that call to know where to turn. Anyone have a
direction? I am running the latest version 2.8.4 under Websphere 7.0.9
