The same thing happens after I clear cache. No I can't reproduce it in the
sandbox. I downloaded source and put some println statements is
AuthorizationManager.java as follows:
Permission allPermission = new AllPermission( m_engine.getApplicationName() );
boolean hasAllPermission = checkStaticPermission( session,
allPermission );
//hasAllPermission = false;
System.err.println("AuthorizationManager AllPermission:
"+hasAllPermission);
if ( hasAllPermission )
{
System.err.println("AuthorizationManager the user: "+user+" has
AllPermssion");
fireEvent( WikiSecurityEvent.ACCESS_ALLOWED, user, permission );
return true;
}
System.err.println("AuthorizationManager the user does not have
AllPermssion");
The result is:
[4/25/10 12:57:13:187 PDT] 00000033 SystemErr R AuthorizationManager the
user: [WikiPrincipal (unspecified): 127.0.0.1] has AllPermssion
If I override hasAllPermission to false it works.
David Clemmons
________________________________
From: Harry Metske <[email protected]>
To: [email protected]
Sent: Sun, April 25, 2010 10:25:32 AM
Subject: Re: ACL problem
what happens if you clear the browser cache after logging out ?
And, can you reproduce it on http://sandbox.jspwiki.org ?
regards,
Harry
2010/4/25 David Clemmons <[email protected]>
> Harry,
> Here's the bottom of my jspwiki.log file:
> 2010-04-25 08:16:04,078 [WebContainer : 1] DEBUG
> com.ecyrd.jspwiki.auth.login.AbstractLoginModule JSPWiki:/JSPWiki/Edit.jsp -
> Committed Principal 127.0.0.1
> 2010-04-25 08:16:04,078 [WebContainer : 1] DEBUG
> com.ecyrd.jspwiki.auth.SessionMonitor JSPWiki:/JSPWiki/Edit.jsp - Looking up
> WikiSession for session ID=cGGfYswMMePl5SQNRCJd6I1... found it
> 2010-04-25 08:16:04,078 [WebContainer : 1] DEBUG
> com.ecyrd.jspwiki.auth.SessionMonitor JSPWiki:/JSPWiki/Edit.jsp - Looking up
> WikiSession for session ID=cGGfYswMMePl5SQNRCJd6I1... found it
> 2010-04-25 08:16:04,078 [WebContainer : 1] DEBUG
> com.ecyrd.jspwiki.auth.SessionMonitor JSPWiki:/JSPWiki/Edit.jsp JSPWiki:
> http://localhost:9081/JSPWiki/Edit.jsp - Looking up WikiSession for
> session ID=cGGfYswMMePl5SQNRCJd6I1... found it
> 2010-04-25 08:16:04,093 [WebContainer : 1] INFO JSPWiki
> JSPWiki:/JSPWiki/Edit.jsp JSPWiki:http://localhost:9081/JSPWiki/Edit.jsp -
> Editing page DavidS Page. User=127.0.0.1, host=127.0.0.1
> 2010-04-25 08:16:04,156 [WebContainer : 1] DEBUG
> com.ecyrd.jspwiki.auth.SessionMonitor JSPWiki:/JSPWiki/Edit.jsp JSPWiki:
> http://localhost:9081/JSPWiki/Edit.jsp - Looking up WikiSession for
> session ID=cGGfYswMMePl5SQNRCJd6I1... found it
>
> Here's is the page I edited:
> [{ALLOW view DavidClemmons}]
>
> This is my David's page and should not be seen by anyone but me.
>
>
>
> JSPWiki says G’day (anonymous guest)
>
> Am I coding the ACL correctly?
>
> Is my JAVA version correct?
>
> java -version
> java version "1.5.0"
> Java(TM) 2 Runtime Environment, Standard Edition (build
> pwi32devifx-20070323 (if
> ix 117674: SR4 + 116644 + 114941 + 116110 + 114881))
> IBM J9 VM (build 2.3, J2RE 1.5.0 IBM J9 2.3 Windows XP x86-32
> j9vmwi3223ifx-2007
> 0323 (JIT enabled)
> J9VM - 20070322_12058_lHdSMR
> JIT - 20070109_1805ifx3_r8
> GC - WASIFIX_2007)
> JCL - 20070131
>
>
>
> David Clemmons
