Do you mean something like this :
http://www.jspwiki.org/wiki/PermTest
This page has the following text, and is not viewable by anonymous users:
[{ALLOW edit metskem}]
[{ALLOW view Asserted}]
You should not be able to see the source of this page !
Harry
2007/11/25, Kalle Kivimaa <[EMAIL PROTECTED]>:
>
> Yes, because I want *most* of my wiki to be visible to everybody, and
> I understood that an ACL takes precedence over the policy file.
>
> From http://doc.jspwiki.org/2.4/wiki/Security
> "By default, wiki pages do not have access control lists. When a page
> doesn't have an ACL, the default security policy for the page
> applies."
>
> I read that as saying that the security policy is *only* used if there
> is no ACL.
>
> Janne Jalkanen <[EMAIL PROTECTED]> writes:
>
> > Um. You're granting read permissions to Anonymous in your policy file.
> >
> > /Janne
> >
> > On 25 Nov 2007, at 14:47, Kalle Kivimaa wrote:
> >
> >> OK, after finally getting my Tomcat to actually use the security
> >> policy correctly, I still have the problem of the page ACL's not being
> >> used. The JAAS config file is loaded correctly, as is the policy file
> >> (policy file access restrictions work correctly).
> >>
> >> Any ideas what I'm doing wrong?
> >>
> >> Page header:
> >> [{ALLOW view Asserted}]
> >>
> >> Policy file:
> >> grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" {
> >> permission com.ecyrd.jspwiki.auth.permissions.PagePermission
> >> "*:*", "view";
> >> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission
> >> "*", "editPreferences";
> >> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission
> >> "*", "editProfile";
> >> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission
> >> "*", "login";
> >> };
> >>
> >> grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
> >> permission com.ecyrd.jspwiki.auth.permissions.WikiPermission
> >> "*", "login";
> >> };
> >>
> >> Log file:
> >> 2007-11-25 14:42:58,883 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.WikiContext kalle:/kalle/Wiki.jsp kalle:http://
> >> localhost:8180/kalle/Wiki.jsp - Do we need to log the user in? false
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.auth.acl.DefaultAclManager kalle:/kalle/Wiki.jsp
> >> kalle:http://localhost:8180/kalle/Wiki.jsp - page=TaloInfo null
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.WikiSession kalle:/kalle/Wiki.jsp kalle:http://
> >> localhost:8180/kalle/Wiki.jsp - Looking up WikiSession for NULL
> >> HttpRequest: returning guestSession()
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.WikiContext kalle:/kalle/Wiki.jsp kalle:http://
> >> localhost:8180/kalle/Wiki.jsp - Creating WikiContext for session ID=
> >> (null); target=TaloInfo
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.WikiContext kalle:/kalle/Wiki.jsp kalle:http://
> >> localhost:8180/kalle/Wiki.jsp - Do we need to log the user in? false
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.parser.JSPWikiMarkupParser kalle:/kalle/Wiki.jsp
> >> kalle:http://localhost:8180/kalle/Wiki.jsp - page=TaloInfo, ACL =
> >> ALLOW view Asserted
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.auth.acl.DefaultAclManager kalle:/kalle/Wiki.jsp
> >> kalle:http://localhost:8180/kalle/Wiki.jsp - Adding new acl entry
> >> for view
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.auth.acl.DefaultAclManager kalle:/kalle/Wiki.jsp
> >> kalle:http://localhost:8180/kalle/Wiki.jsp - user = Asserted:
> >> (("com.ecyrd.jspwiki.auth.permissions.PagePermission","kalle:TaloInfo"
> >> ,"view"))
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.parser.JSPWikiMarkupParser kalle:/kalle/Wiki.jsp
> >> kalle:http://localhost:8180/kalle/Wiki.jsp - user = Asserted:
> >> (("com.ecyrd.jspwiki.auth.permissions.PagePermission","kalle:TaloInfo"
> >> ,"view"))
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.WikiSession kalle:/kalle/Wiki.jsp kalle:http://
> >> localhost:8180/kalle/Wiki.jsp - Looking up WikiSession for NULL
> >> HttpRequest: returning guestSession()
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.WikiContext kalle:/kalle/Wiki.jsp kalle:http://
> >> localhost:8180/kalle/Wiki.jsp - Creating WikiContext for session ID=
> >> (null); target=TaloInfo
> >> 2007-11-25 14:42:58,884 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.WikiContext kalle:/kalle/Wiki.jsp kalle:http://
> >> localhost:8180/kalle/Wiki.jsp - Do we need to log the user in? false
> >> 2007-11-25 14:42:58,889 [http-8180-Processor22] DEBUG
> >> com.ecyrd.jspwiki.WikiEngine kalle:/kalle/Wiki.jsp kalle:http://
> >> localhost:8180/kalle/Wiki.jsp - Page TaloInfo rendered, took
> >> 0:00:00.005
> >>
> >> --
> >> * Sufficiently advanced magic is indistinguishable from technology
> >> (T.P) *
> >> * PGP public key available @ http://www.iki.fi/
> >> killer *
> >
> >
>
> --
> * Sufficiently advanced magic is indistinguishable from technology (T.P
> ) *
> * PGP public key available @ http://www.iki.fi/killer
> *
>
--
met vriendelijke groet,
Harry Metske
Telnr. +31-548-512395
Mobile +31-6-51898081
