Sorry not touched Glassfish On 1 February 2016 at 11:40, Jason Morris <jason.mor...@sydney.edu.au> wrote:
> Thanks, Col! > The other tricky bit (which I should have stipulated) is that I’m > currently running JSPWiki on Glassfish 4.0. > Do you have a mod for impl this on Glassfish? > Cheers, > Jason > > Jason C. Morris | PhD Candidate > Department of Environmental Sciences | Faculty of Agriculture and > Environment > THE UNIVERSITY OF SYDNEY, NSW, 2006 > phone: +61 02 8627 1152 > > > From: Col Willis [mailto:col.wil...@gmail.com] > Sent: Monday, 1 February 2016 7:01 PM > To: user@jspwiki.apache.org > Cc: d...@jspwiki.apache.org > Subject: Re: FEATURE REQUEST: Restricting pages to users in certain roles > > I have got this working, it took some time but I hope the below helps: > > I have got this working on my Apache Tomcat JSP Wiki Deployment: > > > Tomcat Users Conf File: > <role rolename="Admin"/> > <role rolename="Authenticated"/> > <role rolename="Trusted"/> > > <user username="col" password="SomePa55word" roles="Admin"/> > > ---------------------------------- > > On your Wiki Pages.... > > For Group Level Restrictions: > [{ALLOW comment Authenticated}] > [{ALLOW modify Admin}] > > For User Level Restriction: > [{ALLOW view col}] > [{ALLOW modify col}] > > ------------------------------------- > > Now for the tricky bit, in JSPWiki-WAR Code: > > jspwiki.policy File: > (Attached) > > ------------------- > > At the end of the web.xml: > ... > > <security-constraint> > <web-resource-collection> > <web-resource-name>Administrative Area</web-resource-name> > <url-pattern>/Wiki.jsp</url-pattern> > <url-pattern>/Delete.jsp</url-pattern> > <url-pattern>/Edit.jsp</url-pattern> > <url-pattern>/Comment.jsp</url-pattern> > <url-pattern>/Login.jsp</url-pattern> > <url-pattern>/NewGroup.jsp</url-pattern> > <url-pattern>/Rename.jsp</url-pattern> > <url-pattern>/Upload.jsp</url-pattern> > <url-pattern>/attach</url-pattern> > <http-method>DELETE</http-method> > <http-method>GET</http-method> > <http-method>HEAD</http-method> > <http-method>POST</http-method> > <http-method>PUT</http-method> > </web-resource-collection> > <auth-constraint> > <role-name>Admin</role-name> > </auth-constraint> > <user-data-constraint> > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > </user-data-constraint> > </security-constraint> > > <security-constraint> > <web-resource-collection> > <web-resource-name>Trusted Area</web-resource-name> > <url-pattern>/Wiki.jsp</url-pattern> > <url-pattern>/Edit.jsp</url-pattern> > <url-pattern>/Comment.jsp</url-pattern> > <url-pattern>/Login.jsp</url-pattern> > <url-pattern>/Rename.jsp</url-pattern> > <url-pattern>/Upload.jsp</url-pattern> > <url-pattern>/attach</url-pattern> > <http-method>GET</http-method> > <http-method>HEAD</http-method> > <http-method>POST</http-method> > <http-method>PUT</http-method> > </web-resource-collection> > <auth-constraint> > <role-name>Trusted</role-name> > </auth-constraint> > <user-data-constraint> > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > </user-data-constraint> > </security-constraint> > > <security-constraint> > <web-resource-collection> > <web-resource-name>Authenticated area</web-resource-name> > <url-pattern>/Wiki.jsp</url-pattern> > <url-pattern>/Comment.jsp</url-pattern> > <url-pattern>/Login.jsp</url-pattern> > <http-method>DELETE</http-method> > <http-method>GET</http-method> > <http-method>HEAD</http-method> > <http-method>POST</http-method> > <http-method>PUT</http-method> > </web-resource-collection> > > <auth-constraint> > <role-name>Authenticated</role-name> > </auth-constraint> > > <user-data-constraint> > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > </user-data-constraint> > </security-constraint> > > <login-config> > <auth-method>FORM</auth-method> > <form-login-config> > <form-login-page>/LoginForm.jsp</form-login-page> > <form-error-page>/LoginForm.jsp</form-error-page> > </form-login-config> > </login-config> > > <security-role> > <description> > This logical role includes all Admin usersit > </description> > <role-name>Admin</role-name> > </security-role> > <security-role> > <description> > This logical role includes all Trusted users > </description> > <role-name>Trusted</role-name> > </security-role> > <security-role> > <description> > This logical role includes all Authenticated users > </description> > <role-name>Authenticated</role-name> > </security-role> > > </web-app> > > --------------------------- > There may have been other settings but I can not see these at the moment. > > Hope this helps > > > On 1 February 2016 at 00:25, Jason Morris <jason.mor...@sydney.edu.au > <mailto:jason.mor...@sydney.edu.au>> wrote: > Hi All, > I'd like to request a feature to restrict page access/edit to users in > certain roles. > Does anyone know if this already possible in JSPWiki? > Cheers, > Jason > > > Jason C. Morris | PhD Candidate > Department of Environmental Sciences | Faculty of Agriculture and > Environment > THE UNIVERSITY OF SYDNEY, NSW, 2006 > phone: +61 02 8627 1152<tel:%2B61%2002%208627%201152> > > > > -- > Col W > -- Col W
