This is an automated email from the ASF dual-hosted git repository. juanpablo pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/jspwiki.git
commit d2b48ed30389a892cd8f1a9af6bee5182a417e54 Author: juanpablo <[email protected]> AuthorDate: Sat Nov 7 18:43:46 2020 +0100 allow anonymous edits on container managed security instances --- .../jspwiki-it-test-cma-jdbc/src/main/webapp/WEB-INF/web.xml | 5 +++-- jspwiki-it-tests/jspwiki-it-test-cma/src/main/webapp/WEB-INF/web.xml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/jspwiki-it-tests/jspwiki-it-test-cma-jdbc/src/main/webapp/WEB-INF/web.xml b/jspwiki-it-tests/jspwiki-it-test-cma-jdbc/src/main/webapp/WEB-INF/web.xml index 618a204..6be2a4d 100644 --- a/jspwiki-it-tests/jspwiki-it-test-cma-jdbc/src/main/webapp/WEB-INF/web.xml +++ b/jspwiki-it-tests/jspwiki-it-test-cma-jdbc/src/main/webapp/WEB-INF/web.xml @@ -277,7 +277,8 @@ In particular, the restrictions below allow all users to read documents, but only Authenticated users can comment - on or edit them (i.e., access the Edit.jsp page). + on them. Anonymous edits (i.e., access the Edit.jsp page) are + allowed, as there is a test which does precisely that. Users with the role Admin are the only persons who can delete pages. @@ -326,7 +327,7 @@ <security-constraint> <web-resource-collection> <web-resource-name>Authenticated area</web-resource-name> - <url-pattern>/Edit.jsp</url-pattern> + <!-- <url-pattern>/Edit.jsp</url-pattern> --> <url-pattern>/Comment.jsp</url-pattern> <url-pattern>/Login.jsp</url-pattern> <url-pattern>/NewGroup.jsp</url-pattern> diff --git a/jspwiki-it-tests/jspwiki-it-test-cma/src/main/webapp/WEB-INF/web.xml b/jspwiki-it-tests/jspwiki-it-test-cma/src/main/webapp/WEB-INF/web.xml index b876d31..085b383 100644 --- a/jspwiki-it-tests/jspwiki-it-test-cma/src/main/webapp/WEB-INF/web.xml +++ b/jspwiki-it-tests/jspwiki-it-test-cma/src/main/webapp/WEB-INF/web.xml @@ -208,7 +208,8 @@ In particular, the restrictions below allow all users to read documents, but only Authenticated users can comment - on or edit them (i.e., access the Edit.jsp page). + on them. Anonymous edits (i.e., access the Edit.jsp page) are + allowed, as there is a test which does precisely that. Users with the role Admin are the only persons who can delete pages. @@ -255,7 +256,7 @@ <security-constraint> <web-resource-collection> <web-resource-name>Authenticated area</web-resource-name> - <url-pattern>/Edit.jsp</url-pattern> + <!-- <url-pattern>/Edit.jsp</url-pattern> --> <url-pattern>/Comment.jsp</url-pattern> <url-pattern>/Login.jsp</url-pattern> <url-pattern>/NewGroup.jsp</url-pattern>
