<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
Role-based security sounds terrific, but in practice it can be problematic for wikis. Because traditional [role-based access controls|RBAC] often assume that everything is configured by an administrator. This creates a support bottleneck, and a barrier to adoption.

To make [role-based access controls|RBAC] more flexible, JSPWiki allows users to create [{$pagename}]. These are special roles that users can create themselves. Users create [{$pagename}] by clicking on the front page link Create a new group. The JSP NewGroup.jsp opens. 

The user gives the [{$pagename}] a name and enumerates its members. The &quot;save&quot; button creates a new wiki group that contains the membership list. By default, any member of the group can edit the membership list.

[WIKI-Roles], [{$pagename}] and [WIKI-ACLs] are used to control access within the wiki. !! Some More Thoughts
[{$pagename}] are discretionary sets of users that have decided to associate themselves into a group. 

Functionally, they are just like [WIKI-Roles], but with a key difference: [{$pagename}] are managed by JSPWiki and not by the container. 

[{$pagename}] were deliberately meant to be managed outside of the web container, so that users can create discretionary &quot;roles&quot; without getting system admins involved. This is an intentional feature, and a very powerful one.!! Technical Implementation
The default group database implementation stores member lists in an XML file. The location of this file should be in a secure directory in the [File System]; for example, in /etc or your servlet container's configuration directory 

If you do not supply a value for this property, a blank group database will be initialized in the WEB-INF/ directory of the deployed webapp. Since these directories are often overwritten when webapps are undeployed or redeployed, you should probably set this property to something useful as soon as you can. But for test wikis, it's probably ok to leave this un-set, as long as users know that their groups could &quot;disappear&quot; if the wiki app is ever redeployed.

[{$pagename}] are stored using a GroupDatabase implementation which is by default uses an XML file for persistent storage. You could override with your own GroupDatabase implementation with this property: 
{{{
jspwiki.groupdatabase = org.apache.wiki.auth.authorize.XMLGroupDatabase 
}}}

!! [JSPWiki Roles and Groups]
Some thoughts about when to use [JSPWiki Roles and Groups] 

!! Groups in this wiki:
[{Groups}]!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }] 
</pre>