Hi all, Anyone have any ideas why the jspwiki.policy code below won't work with JSPwiki 2.8.4? thanks
>>> "Carol Hassler" <[email protected]> 10/25/2011 12:17 PM >>> Thanks for your response. As a last-ditch effort, I tried to give this wiki group full permission in the jspwiki.policy file by copying the "Admin" group info and changing the group name (maybe I got this wrong?): grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "WSLLAdmins" { permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*"; }; Prior to trying that, I had also tried: grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "WSLLAdmins" { permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "delete"; }; All test members were already in the wiki group "WSLLAdmins". I should note that all other restrictions we set in the policy file DO work. So we restricted users who weren't signed in from editing the wiki and that continues to work totally fine. That's why I was wondering if I was using the wrong syntax for this other "WSLLAdmins" wiki group. I don't have access to the log files (long story). I'll see if I can find out more. In the meantime, is there something obviously wrong with either of the commands included above? Maybe I just misunderstood how those work. thanks! Carol >>> Florian Holeczek <[email protected]> 10/25/2011 11:33 AM >>> Hello Carol, could you post the policy settings you're trying to set? Do the log files tell anything? Which groups are the relevant users in? Which Servlet Container / Application Server are you using, and which version and vendor of Java is it run with? Is it running without a security manager (see JSPWIKI-129)? Please also have a look at the mail thread in http://www.mail-archive.com/[email protected]/msg02855.html Regards Florian ----- Ursprüngliche Mail ----- Von: "Carol Hassler" <[email protected]> An: [email protected] Gesendet: Dienstag, 25. Oktober 2011 17:41:52 Betreff: wiki security and the policy file Hello, I am trying to set up limited permissions for a specific wiki group (call the group "WikiAdmins") to delete pages. I don't want to grant them the full power of the Admin group, so I'm trying to set limited permissions via the policy file. I've been following instructions here: http://doc.jspwiki.org/2.4/wiki/Wiki.Admin.Security#section-Wiki.Admin.Security-ModifyingTheDefaultSecurityPolicy And can't seem to get these permissions to work. I even tried copying directly the "Admin" permissions already in the policy file, pasting those onto the end of the file and changing the group name to "WikiAdmins", but that doesn't seem to work for me either. Does anyone have any suggestions for what I'm missing here? We're on v.2.8.4. Thanks! Carol
