Thanks for your response.
As a last-ditch effort, I tried to give this wiki group full permission
in the jspwiki.policy file by copying the "Admin" group info and
changing the group name (maybe I got this wrong?):
grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "WSLLAdmins" {
permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*";
};
Prior to trying that, I had also tried:
grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "WSLLAdmins" {
permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
"delete";
};
All test members were already in the wiki group "WSLLAdmins".
I should note that all other restrictions we set in the policy file DO
work. So we restricted users who weren't signed in from editing the wiki
and that continues to work totally fine. That's why I was wondering if I
was using the wrong syntax for this other "WSLLAdmins" wiki group.
I don't have access to the log files (long story). I'll see if I can
find out more. In the meantime, is there something obviously wrong with
either of the commands included above? Maybe I just misunderstood how
those work.
thanks!
Carol
>>> Florian Holeczek <[email protected]> 10/25/2011 11:33 AM >>>
Hello Carol,
could you post the policy settings you're trying to set?
Do the log files tell anything?
Which groups are the relevant users in?
Which Servlet Container / Application Server are you using, and which
version and vendor of Java is it run with? Is it running without a
security manager (see JSPWIKI-129)?
Please also have a look at the mail thread in
http://www.mail-archive.com/[email protected]/msg02855.html
Regards
Florian
----- Ursprüngliche Mail -----
Von: "Carol Hassler" <[email protected]>
An: [email protected]
Gesendet: Dienstag, 25. Oktober 2011 17:41:52
Betreff: wiki security and the policy file
Hello,
I am trying to set up limited permissions for a specific wiki group
(call the group "WikiAdmins") to delete pages. I don't want to grant
them the full power of the Admin group, so I'm trying to set limited
permissions via the policy file.
I've been following instructions here:
http://doc.jspwiki.org/2.4/wiki/Wiki.Admin.Security#section-Wiki.Admin.Security-ModifyingTheDefaultSecurityPolicy
And can't seem to get these permissions to work. I even tried copying
directly the "Admin" permissions already in the policy file, pasting
those onto the end of the file and changing the group name to
"WikiAdmins", but that doesn't seem to work for me either.
Does anyone have any suggestions for what I'm missing here? We're on
v.2.8.4.
Thanks!
Carol
