This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
WIKI-Security Policy
WIKI-Security Policy

Version management

Difference between version and

At line 1 added 35 lines
!!! Overview
[JSPWiki] decides whether to allow a [Resource Action] by consulting two sources of information:
* [WIKI-ACLs] (Page access control lists) - per-page markup defining access restrictions
* [jspwiki.policy] - a predefined set of privileges for each type of user!! [{$pagename}] Hierarchy
* [jspwiki.policy]
** [WIKI-ACLs]
!!
To make it easy for users to quickly get productive, JSPWiki ships with a fairly loose __default policy__ out of the box:
|| Permission || [Anonymous Users|WIKI-Roles] || [Asserted Users|WIKI-Roles] || [Authenticated Users|WIKI-Roles] || Admin group|| Implied Permission
| VIEW all pages | x | x | x | x |
| EDIT all pages | x | x | x | x | VIEW\\COMMENT
| UPLOAD attachments to all pages | | | x | x |
| MODIFY all pages| | | x | x| EDIT\\UPLOAD
| COMMENT on all existing pages | x | x | x | x|VIEW
| CREATE new pages | x | x | x | x|
| RENAME all pages | | | x | x| EDIT
| DELETE all pages | | | | x|EDIT
| VIEW all [WIKI-Groups] | | x | x | x|
| EDIT all [WIKI-Groups] | | | x | x|
| RENAME all [WIKI-Groups] | | | x | x|
| DELETE all [WIKI-Groups] | | | | x|
| CREATE new [WIKI-Groups] | | | x | x|
| CREATE [WIKI-Profile]| x | x | x | x|
| EDIT user preferences | | | x | x|
| EDIT [WIKI-Profile] | | | x | x|
These privileges are the defaults. For page actions such as viewing, editing, and commenting, the privileges can be restricted further by adding an [WIKI-ACLs] to particular pages. It is important to note that [WIKI-ACLs] cannot elevate privileges above those already granted by the [{$pagename}]. For example, if the policy states that Anonymous users can read all pages (but not edit), an ACL on page ''Main'' that attempts to grant the {{Edit}} privilege to Anonymous ''will not work.''
JSPWiki uses the standard Java 2 security policy APIs under the covers. Default permissions are granted using standard local security policy file syntax. When JSPWiki starts up, it loads the default policy file (stored in {{WEB-INF/jspwiki.policy}}). The "local policy" that is always read from WEB-INF/jspwiki.policy. The local [{$pagename}] will supplement the JVM-wide policy.
[JSPWiki]'s default policy is suitable for a small team. It is probably too loose for a corporate intranet or public wiki.!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop