Add ability to restrict account creation
----------------------------------------
Key: JSPWIKI-266
URL: https://issues.apache.org/jira/browse/JSPWIKI-266
Project: JSPWiki
Issue Type: New Feature
Components: Authentication&Authorization
Reporter: Aaron Hamid
This is a formal feature request (because I could not find an existing issue)
for the "Admin Creates User Profiles" Idea here:
http://www.jspwiki.org/wiki/IdeaAdminCreatesUserProfiles
Once way to implement it would be, that a different permission,
"createProfile", be added, still configurable in the jspwiki.policy file. This
way the desired policy could be configured such that the admin group has the
"createProfile" permission, while the Authenticated have their "editProfile"
permission.
Workarounds are presented here
http://www.jspwiki.org/wiki/AllowOnlyAdministratorCreateUserAccounts but have
drawbacks, including allowing arbitrary junk accounts or forcing security to be
configured external to the application.
The proposal above, a new "createProfile" permission, seems like a
straightforward way to address this concern directly in the product expanding
its usefulness without weird workarounds.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
