Not exactly.
Being forced by web.xml policy you cannot visit the site anonymously but
you are instead forced to log in (as I assume you wish - otherwise where
is the problem)
at the webapp (or container) level.
But the rss builder check internal jsp policies and see all pages
accessibles, hence build the rss feed from all the pages.
Obviously you may wish also to protect at the application/container
level also the rss feed itself, other than normal *.jsp urls
On 3/15/2011 6:08 PM, George, Kenneth V [NTK] wrote:
So basically, if you are an anonymous user, you could still go through and view
all content of the wiki, regardless of authentication - correct?
-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Tuesday, March 15, 2011 3:17 AM
To: [email protected]
Subject: Re: RSS Feed issuse
This issue was already discussed a bit (see
http://www.mail-archive.com/[email protected]/msg01752.html).
However, i have a setup where the whole system is under access control, but
with all authenticated users allowed to see anything, and in this case I was
able to manage my (and likely your need):
I setup forced authentication through web.xml and then defined the policy as
following:
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" { permission
com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view"; };
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" { };
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
"modify,rename";
permission com.ecyrd.jspwiki.auth.permissions.GroupPermission
"*:*", "view";
permission com.ecyrd.jspwiki.auth.permissions.GroupPermission
"*:<groupmember>", "edit";
permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*",
"createPages,createGroups"; };
Net effect is that tomcat manage and force authentication, but rss reader
assume everything is accessible ...
Luca
On 3/15/2011 8:42 AM, Florian Holeczek wrote:
Hi Kenneth,
AFAIK this is not possible. Since the feed is public, it would leak protected
information otherwise. As long as the public is authorized to view a page, this
one should show up in the feed, too.
Best regards
Florian
----- Ursprüngliche Mail -----
Von: "Kenneth V George [NTK]"<[email protected]>
An: [email protected]
Gesendet: Montag, 14. März 2011 23:23:23
Betreff: RSS Feed issuse
I have installed JSPWIKI 2.8.4 and setup RSS feeds. The file was generated,
BUT, I am only getting updates on 2 pages (Main and About). Neither of these
is protected. However, I have made several changes to pages that ARE protected
and these don't show up. How do I get these to show up since several people
have VIEW/EDIT access to the pages and want to know when things change?
Thanks.
________________________________
This e-mail may contain Sprint Nextel proprietary information intended for the
sole use of the recipient(s). Any use by others is prohibited. If you are not
the intended recipient, please contact the sender and delete all copies of the
message.
________________________________
This e-mail may contain Sprint Nextel proprietary information intended for the
sole use of the recipient(s). Any use by others is prohibited. If you are not
the intended recipient, please contact the sender and delete all copies of the
message.
