Janne Jalkanen wrote:
> Murray Altheim wrote:
Yes, understood. The PITA aspect is something I neither have time nor
patience for. I just figured that if the scenario was such that the
vast majority of pages were private and only a small number public
there might be a way to special-case those public pages, like grant
public access to only a set of pages that show up in a list somewhere,
that list maintainable by admins. So if there's 2000 pages they're
all handled by the default higher-security set in jspwiki.jaas, with
the six or seven pages manually set as public.
Our DefaultAclManager implementation does not really allow for that kind
of stuff. If you can edit a page, you can also edit its ACL. It's one
of these "if you don't trust your users, don't let them near your wiki"
-things :-).
Having said that, the AclManager system *is* (in theory) pluggable, and
it would be pretty easy to make your own one. All you need to do is to
provide an implementation which, instead reading the Acl from a page,
checks the permissions against some external database and returns a
proper Acl when given a WikiPage. You can even extend from the
DefaultAclManager, do a quick check, and then default to the super
implementation.
E.g.
public class MurraysAclManager extends DefaultAclManager
[...]
It would make a nice ContributedPlugin ;-).
Woof. Yes, agreed. But god I don't need Yet Another Project. But that's
a good idea, certainly.
(The reason I'm saying it's pluggable in theory is because the necessary
code in WikiEngine.getAclManager() is missing. But it would be a
trivial patch to do, and if you choose to go this way, I'll be happy to
put it in the current CVS.)
I'll look into this over the next few days. It's too bad we don't have
even one or two more people doing active development who could take
this one on, as I'm pretty maxxed out right now (not that this is
unusual).
Murray
...........................................................................
Murray Altheim <murray07 at altheim.com> === = =
http://www.altheim.com/murray/ = = ===
SGML Grease Monkey, Banjo Player, Wantanabe Zen Monk = = = =
Boundless wind and moon - the eye within eyes,
Inexhaustible heaven and earth - the light beyond light,
The willow dark, the flower bright - ten thousand houses,
Knock at any door - there's one who will respond.
-- The Blue Cliff Record
_______________________________________________
This is the Jspwiki-users mailing list, in which we discuss the
stable release (even-numbered, 2.4.x, 2.6.x), and user-issues.
For development discussion, please join jspwiki-dev.
http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
http://www.jspwiki.org/JSPWikiMailingList
