I have got this working, it took some time but I hope the below helps:
I have got this working on my Apache Tomcat JSP Wiki Deployment:
Tomcat Users Conf File:
<role rolename="Admin"/>
<role rolename="Authenticated"/>
<role rolename="Trusted"/>
<user username="col" password="SomePa55word" roles="Admin"/>
----------------------------------
On your Wiki Pages....
For Group Level Restrictions:
[{ALLOW comment Authenticated}]
[{ALLOW modify Admin}]
For User Level Restriction:
[{ALLOW view col}]
[{ALLOW modify col}]
-------------------------------------
Now for the tricky bit, in JSPWiki-WAR Code:
jspwiki.policy File:
(Attached)
-------------------
At the end of the web.xml:
...
<security-constraint>
<web-resource-collection>
<web-resource-name>Administrative Area</web-resource-name>
<url-pattern>/Wiki.jsp</url-pattern>
<url-pattern>/Delete.jsp</url-pattern>
<url-pattern>/Edit.jsp</url-pattern>
<url-pattern>/Comment.jsp</url-pattern>
<url-pattern>/Login.jsp</url-pattern>
<url-pattern>/NewGroup.jsp</url-pattern>
<url-pattern>/Rename.jsp</url-pattern>
<url-pattern>/Upload.jsp</url-pattern>
<url-pattern>/attach</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>HEAD</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Trusted Area</web-resource-name>
<url-pattern>/Wiki.jsp</url-pattern>
<url-pattern>/Edit.jsp</url-pattern>
<url-pattern>/Comment.jsp</url-pattern>
<url-pattern>/Login.jsp</url-pattern>
<url-pattern>/Rename.jsp</url-pattern>
<url-pattern>/Upload.jsp</url-pattern>
<url-pattern>/attach</url-pattern>
<http-method>GET</http-method>
<http-method>HEAD</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Trusted</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Authenticated area</web-resource-name>
<url-pattern>/Wiki.jsp</url-pattern>
<url-pattern>/Comment.jsp</url-pattern>
<url-pattern>/Login.jsp</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>HEAD</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Authenticated</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/LoginForm.jsp</form-login-page>
<form-error-page>/LoginForm.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>
This logical role includes all Admin usersit
</description>
<role-name>Admin</role-name>
</security-role>
<security-role>
<description>
This logical role includes all Trusted users
</description>
<role-name>Trusted</role-name>
</security-role>
<security-role>
<description>
This logical role includes all Authenticated users
</description>
<role-name>Authenticated</role-name>
</security-role>
</web-app>
---------------------------
There may have been other settings but I can not see these at the moment.
Hope this helps
On 1 February 2016 at 00:25, Jason Morris <[email protected]>
wrote:
> Hi All,
> I'd like to request a feature to restrict page access/edit to users in
> certain roles.
> Does anyone know if this already possible in JSPWiki?
> Cheers,
> Jason
>
>
> Jason C. Morris | PhD Candidate
> Department of Environmental Sciences | Faculty of Agriculture and
> Environment
> THE UNIVERSITY OF SYDNEY, NSW, 2006
> phone: +61 02 8627 1152
>
>
--
Col W
