fmancinelli (SVN) wrote:
> Author: fmancinelli
> Date: 2009-03-23 22:15:24 +0100 (Mon, 23 Mar 2009)
> New Revision: 17953
>
> Modified:
>
> platform/core/branches/xwiki-core-1.8/xwiki-core/src/main/java/com/xpn/xwiki/xmlrpc/XWikiUtils.java
>
> platform/core/branches/xwiki-core-1.8/xwiki-core/src/main/java/com/xpn/xwiki/xmlrpc/XWikiXmlRpcApiImpl.java
> Log:
> XWIKI-3449: Authenticated XWiki user name might be incorrect in XMLRPC login
> XWIKI-3450: Allow guest access to be disabled in XMLRPC
> + /* Check if we must grant access when no token is provided */
> + boolean allowGuest =
> context.getWiki().ParamAsLong("xwiki.authentication.always", 0) != 1;
> +
Fabio, you are using this parameter wrong. This doesn't mean that only
authenticated users are allowed, but it controls the optimization done
by Thomas, which is to only check the authentication only if there is no
Principal in the session. This parameter forces to check the cookies at
each request instead of using the session object.
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
_______________________________________________
devs mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/devs
