This file contains the local security policy for JSPWiki and is located in the WEB-INF directory for the wiki instance. It provides the permissions rules for the JSPWiki environment, and should be suitable for most purposes. JSPWiki will load this policy when the wiki webapp starts. Policies are defined in blocks. Lines may be commented out by placing two slashes {//) in front of the line. The JSPWiki engine will control and recall settings by the use of cookies on the client computer.
Wiki Security is primarily Role-based, although elements may be defined by User. In addition, Wiki Groups may be defined to provide additional role type security.
As with all aspects of the Wiki, the names are case-sensitive. Definition of users, groups, and the user-group relationship is handled through Wiki pages. The permissions that these users, roles and groups have are defined in this file on the server by an administrator.
In addition, the Wiki allows users to create groups, which can be used to provide security, for those users who are part of each group. The Wiki is distributed with three groups:
// **** ALL USERS **** // All users can view all pages, can sign in, and edit preferences and profile grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" { permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "editPreferences"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login"; };
// **** ANONYMOUS USERS **** // Anonymous users (not logged in, and no cookie to assert who they are) get no additional privileges grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" { };
// **** ASSERTED USERS **** // People who have a cookie, but have not logged in chave no additional capabilities, either grant principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" { };
// **** AUTHENTICATE USERS **** // People who have actually logged in, can edit and create pages that begin with "Internal." grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" { permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "view"; permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:Internal.*", "edit"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages"; };
// **** ADMINISTRATORS **** // People with the Group Admin have full permission on everything and can also edit/manipulate all groups grant principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" { permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*"; }; grant principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" { permission com.ecyrd.jspwiki.auth.permissions.AllPermission "*"; permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:*", "edit"; };
Screen captures are meant to be indicative of the concept being presented and may not reflect the current screen design.
If you have any comments or questions please email the Wiki Editor
All content © High Line Corporation