This question about Authentication or Authorisation: Answered
Topic restrictions are ignored
Hi,
I'm trying to restrict access to a topic on an old foswiki version (1.0.7).
As described in documentation, I'm trying to use this:
- You can define these settings in the WebPreferencestopic, preferable towards the end of the topic:
-
Set DENYWEBVIEW = < comma-delimited list of users and groups >
-
Set ALLOWWEBVIEW = < comma-delimited list of users and groups >
-
Set DENYWEBCHANGE = < comma-delimited list of users and groups >
-
Set ALLOWWEBCHANGE = < comma-delimited list of users and groups >
-
Set DENYWEBRENAME = < comma-delimited list of users and groups >
-
Set ALLOWWEBRENAME = < comma-delimited list of users and groups >
The problem is that restriction is being ignored on this topic. I tried on other topics like
AdminGroup and it works.
Are you aware of something preventing the use of this restrictions ?
Thanks.
--
LionelAlarcon - 25 Jun 2014
You should try:
-
-
Set DENYTOPICVIEW = < comma-delimited list of users and groups >
What you have set will control access across a web, but the WEB based controls are only effective when provided in each web's
WebPreferences topic.
--
JulianLevens - 25 Jun 2014
I'm sorry, I didn't copy the right thing, I was actualy using ALLOWTOPICVIEW. I'm gonna try to deny.
--
LionelAlarcon - 25 Jun 2014
More information, we use ldap groups, this works for restricting access to webs or some topics.
Do you confirm that I should use for example:
Set DENYTOPICCHANGE =
DomainUsers
Set ALLOWTOPICCHANGE = AdminGroup ,Ops
--
LionelAlarcon - 25 Jun 2014
Yes that looks much better.
If that does not work then we need to find and
LdapContrib expert, I'd try asking on irc, that might speed up a response, see
http://irclogs.foswiki.org/
--
JulianLevens - 25 Jun 2014
Thanks, I will contact them.
--
LionelAlarcon - 26 Jun 2014
FYI, make sure the ' * Set' lines have a divisible-by-three number of spaces in front of the asterisk, edited in RAW.
--
LionelAlarcon - 26 Jun 2014