[
https://issues.apache.org/jira/browse/JSPWIKI-266?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12657117#action_12657117
]
Harry Metske commented on JSPWIKI-266:
--------------------------------------
The easiest way is doing it with Eclipse, navigate to this jspwiki.policy file,
right-click on it => Team => Apply Patch, the choose this patchfile. (you can
also use the clipboard).
> Add ability to restrict account creation
> ----------------------------------------
>
> Key: JSPWIKI-266
> URL: https://issues.apache.org/jira/browse/JSPWIKI-266
> Project: JSPWiki
> Issue Type: New Feature
> Components: Authentication&Authorization
> Reporter: Aaron Hamid
> Assignee: Andrew Jaquith
> Attachments: limitprofilecreation.patch
>
>
> This is a formal feature request (because I could not find an existing issue)
> for the "Admin Creates User Profiles" Idea here:
> http://www.jspwiki.org/wiki/IdeaAdminCreatesUserProfiles
> Once way to implement it would be, that a different permission,
> "createProfile", be added, still configurable in the jspwiki.policy file.
> This way the desired policy could be configured such that the admin group has
> the "createProfile" permission, while the Authenticated have their
> "editProfile" permission.
> Workarounds are presented here
> http://www.jspwiki.org/wiki/AllowOnlyAdministratorCreateUserAccounts but have
> drawbacks, including allowing arbitrary junk accounts or forcing security to
> be configured external to the application.
> The proposal above, a new "createProfile" permission, seems like a
> straightforward way to address this concern directly in the product expanding
> its usefulness without weird workarounds.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
