Hello everybody,
the test suggested by JPSR is ok only for 1/4 :-)
I had to change the test in
-----
if ( ! (permission instanceof AllPermission)
&& ! (permission instanceof GroupPermission)
&& ! (permission instanceof PagePermission)
&& ! (permission instanceof WikiPermission)
)
return Boolean.TRUE;
-----
But the direction was important :-) Thanks.
I will try to understand hoe JIRA works to submit the patch ;-)
Regards,
Roberto
Quoting "Juan Pablo Santos RodrÃguez" <juanpablo.san...@gmail.com>:
Hello Roberto,
first apologies on not commenting on the previous e-mail. I've cc'ed
jspwiki-dev, which seems a more appropiate place to make this question.
I don't have the source right here but maybe you could check if permission
instanceof WikiPermission?
Also, don't know if you checked, but
http://doc.jspwiki.org/2.4/wiki/Wiki.Admin.Security#section-Wiki.Admin.Security-CustomizingTheAuthorizationProcessmay
give you some insights. I'll try to have a look at this, but seems to
me the appropiate way may go through developing your own JSPWiki
Authorizer. This way you could avoid patching "core" src and yet have your
own customized behaviour.
Regarding including source/patches/fixes, the best place is to file a JIRA,
see http://www.jspwiki.org/wiki/ContributingChanges, we gladly accept
contributions :-)
br,
juan pablo
On Mon, Aug 6, 2012 at 4:21 PM, Roberto Venturi <ro...@mercurio.it> wrote:
Hi,
another chapter of my "search of the holy grail" with JSPWiki & websphere
security policies :-)
--------------
File: org.apache.auth.Authorization.**Manager.java
Method: checkStaticPermission
Code:
try
{
// Check the JVM-wide security policy first
AccessController.**checkPermission( permission );
return Boolean.TRUE;
}
catch( AccessControlException e )
--------------
the "return Boolean.TRUE;" can't be disabled (with "//") as I suggested in
precedent email because it manages all "non wiki" permissions. So I need a
test on "permission" to see if it's or not a "wiki permission".
I'm trying substituting the statement with a "brutal" block as
--------------
String pName = permission.getName();
if (pName==null || pName.length()<4 || !pName.substring(0,4).equals("**
Wiki"))
return Boolean.TRUE;
--------------
And, it was time, here is the question: there is a "more nice" way to do
the test?
Tanks for your patience :-)
Roberto
--
Messaggio inviato da WebMail - http://www.mercurio.it
------------------------------**-------------------------
--
Messaggio inviato da WebMail - http://www.mercurio.it
-------------------------------------------------------
