27 Mar
2013
27 Mar
'13
1:52 p.m.
Hello,
i would like to set up a private (corporate) XWiki installation.
I have a problem in the testing installation that i would have to
solve before i can go ahead.
When i set "prevent unregistered users from viewing pages, regardless
of the page or space rights", the ResetPassword page is affected by
this setting. This creates, as you can imagine, a quite paradoxical
situation.
What is the recommended way to set up a private wiki, or is this a bug?
Note that this happens in the latest 4.5 as well as 5.0 branches.
27 Mar
27 Mar
9:14 p.m.
New subject: [xwiki-users] Setting "prevent unregistered from viewing" and the ResetPassword page.
On Wed, Mar 27, 2013 at 12:52 PM, Benjamin Kunz <benjamin.kunz(a)gmail.com> wrote:
Hello,
i would like to set up a private (corporate) XWiki installation.
I have a problem in the testing installation that i would have to
solve before i can go ahead.
When i set "prevent unregistered users from viewing pages, regardless
of the page or space rights", the ResetPassword page is affected by
this setting. This creates, as you can imagine, a quite paradoxical
situation.
What is the recommended way to set up a private wiki, or is this a bug?
Note that this happens in the latest 4.5 as well as 5.0 branches.
I would suggest that you might need to go to Administer Wiki | Rights
| Users and then untick all of the boxes for "unregistered users"
Cheers
Arne
28 Mar
28 Mar
5:32 p.m.
New subject: [xwiki-users] Setting "prevent unregistered from viewing" and the ResetPassword page.
On 03/27/2013 08:52 AM, Benjamin Kunz wrote:
Hello,
i would like to set up a private (corporate) XWiki installation.
I have a problem in the testing installation that i would have to
solve before i can go ahead.
When i set "prevent unregistered users from viewing pages, regardless
of the page or space rights", the ResetPassword page is affected by
this setting. This creates, as you can imagine, a quite paradoxical
situation.
What is the recommended way to set up a private wiki, or is this a bug?
Note that this happens in the latest 4.5 as well as 5.0 branches.
It is a know limitation. The problem is that when you prevent view
rights for all unauthenticated users, you're also forbidding access to
the password reset page, which is a document in the wiki like all the
others.
One workaround for the moment is to set rights differently: instead of
checking "prevent unregistered users from viewing pages", deny all the
rights to the unauthenticated user. This should by default forbid access
to most parts of the wiki, except where explicitly granted rights, such
as the password reset feature.
--
Sergiu Dumitriu
http://purl.org/net/sergiu
4250
days inactive
4251
days old
2 comments
3 participants
participants (3)
-
Benjamin Kunz -
Sergiu Dumitriu -
shouldbe q931