This page (revision-9) was last changed on 26-Nov-2021 10:22 by jaiken

This page was created on 26-Nov-2021 10:22 by RForbes

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note
9 26-Nov-2021 10:22 6 KB jaiken to previous
8 26-Nov-2021 10:22 6 KB rforbes to previous | to last
7 26-Nov-2021 10:22 6 KB JMyers to previous | to last
6 26-Nov-2021 10:22 6 KB RForbes to previous | to last
5 26-Nov-2021 10:22 6 KB RForbes to previous | to last
4 26-Nov-2021 10:22 6 KB RForbes to previous | to last
3 26-Nov-2021 10:22 6 KB RForbes to previous | to last
2 26-Nov-2021 10:22 5 KB RForbes to previous | to last
1 26-Nov-2021 10:22 5 KB RForbes to last

Page References

Incoming links Outgoing links

Version management

Difference between version and

At line 42 added 7 lines
!jspwiki.cookieAssertions =
This setting is TRUE by default, but it is recommended that this be set to FALSE. If on, the Wiki engine will "think" you are who you say you are by virtue of the presence of a [cookie|WIKI.COOKIES] to say so. Review [JSPWIKI.POLICY] to determine if you want to allow this setting. It's still considered to be unsafe, just like no login at all, but it is useful when you have no need to force everyone to login.
!jspwiki.cookieAuthentication =
This setting is FALSE by default. If you would like to keep your users logged in for weeks at a time, you can turn on this "cookie authentication" feature. However, this comes with important security caveats:
# Users will stay logged in into your system for weeks. This means that if someone manages to nab the cookie during this time, they can pretend to be that user.
# The mappings between cookies and users are written in your filesystem, in $jspwiki.workDir/logincookies. Access to this directory means that the ability to fake anyone in the wiki, so please make sure that only the proper admin has read access to this directory.