26 Oct
2005
26 Oct
'05
3:51 p.m.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi!
I found another minor issue with XWiki.
When users first load the XWiki Main Page using the URL
<http://server:8080/xwiki/bin/view/Main/WebHome/> the
Browser is redirected to the Login Page at
<http://server:8080/xwiki/bin/login/XWiki/XwikiLogin>
This is fine as I configured a private wiki and all users
have to authenticate before using the wiki.
But the Login page seems to be missing the correct CSS.
There is no logo and fonts and colors look very basic.
Now users enter their correct username and password and klick
on the Log-in button. As a result the browser loads the CSS at
address <http://server:8080/xwiki/bin/skin/XWiki/MySkin/style.css>
as a normal file! Opera shows the style sheet in the browser window
as normal text, Firefox and Konqueror opens a dialog and ask the
user what to do (download, open with...)
Users have to reload the page in order to get to the XWiki
main page with the correct style sheet applied. After that
everything works as normal.
I can reproduce this behaviour at every fresh login to XWiki.
BTW: I'm currently testing with xwiki-0.9.840
Ideas?
- - andreas
- --
Andreas Haumer | mailto:andreas@xss.co.at
*x Software + Systeme | http://www.xss.co.at/
Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0
A-1100 Vienna, Austria | Fax: +43-1-6060114-71
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDX4nOxJmyeGcXPhERAjOYAKDD0PKgwb5kuqWf/7qicGppenQAIQCgjnPK
nrMdeIeMKpR0t0G50gxDcXs=
=+pFn
-----END PGP SIGNATURE-----
26 Oct
26 Oct
5:14 p.m.
New subject: [xwiki-users] First Login to XWiki always loads CSS
This is kind of a feature..
When the skin is wiki-based (as opposed to the 'default' skin stored in
the file-system), you can't neither 'always authentication on view',
neither forbid viewing of the skin page..
Either fallback to the default skin (in the preferences), or deactivate
'always authentication on view' and give view rights to all users to the
skin page
Ludovic
Andreas Haumer wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi!
I found another minor issue with XWiki.
When users first load the XWiki Main Page using the URL
<http://server:8080/xwiki/bin/view/Main/WebHome/> the
Browser is redirected to the Login Page at
<http://server:8080/xwiki/bin/login/XWiki/XwikiLogin>
This is fine as I configured a private wiki and all users
have to authenticate before using the wiki.
But the Login page seems to be missing the correct CSS.
There is no logo and fonts and colors look very basic.
Now users enter their correct username and password and klick
on the Log-in button. As a result the browser loads the CSS at
address <http://server:8080/xwiki/bin/skin/XWiki/MySkin/style.css>
as a normal file! Opera shows the style sheet in the browser window
as normal text, Firefox and Konqueror opens a dialog and ask the
user what to do (download, open with...)
Users have to reload the page in order to get to the XWiki
main page with the correct style sheet applied. After that
everything works as normal.
I can reproduce this behaviour at every fresh login to XWiki.
BTW: I'm currently testing with xwiki-0.9.840
Ideas?
- - andreas
- --
Andreas Haumer | mailto:andreas@xss.co.at
*x Software + Systeme | http://www.xss.co.at/
Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0
A-1100 Vienna, Austria | Fax: +43-1-6060114-71
--
Ludovic Dubost
XPertNet: http://www.xpertnet.fr/
Blog: http://www.ludovic.org/blog/
XWiki: http://www.xwiki.com
Skype: ldubost AIM: nvludo Yahoo: ludovic
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDX4nOxJmyeGcXPhERAjOYAKDD0PKgwb5kuqWf/7qicGppenQAIQCgjnPK
nrMdeIeMKpR0t0G50gxDcXs=
=+pFn
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
--
You receive this message as a subscriber of the xwiki-users(a)objectweb.org mailing list.
To unsubscribe: mailto:xwiki-users-unsubscribe@objectweb.org
For general help: mailto:sympa@objectweb.org?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
8:33 p.m.
New subject: [xwiki-users] First Login to XWiki always loads CSS
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Ludovic,
Ludovic Dubost schrieb:
This is kind of a feature..
When the skin is wiki-based (as opposed to the 'default' skin stored in
the file-system), you can't neither 'always authentication on view',
neither forbid viewing of the skin page..
Either fallback to the default skin (in the preferences), or deactivate
'always authentication on view' and give view rights to all users to the
skin page
I have to admit that I still don't really understand
the details of access rights concepts in XWiki. There
are many places where one can configure some parts
of wiki access rights and as a whole it's a little bit
confusing to me ... :-(
I wanted to create a Wiki which can only be used by
authenticated users. That's why I had the setting of
"Always authenticate on viewing" of the "Parameters"
section of XWiki.XWikiPreferences to "yes"
I now changed that to "No" and noticed that users still
have to authenticate before they can view any content
of the wiki. Also, the CSS problem on the login page
is still there. Perhaps users do not have the necessary
view rights? But I have given the XWiki.XWikiAllGroup
"view" rights on the XWiki.XWikiGlobalRights level...
What does the "Always authenticate on viewing" parameter do,
anyway?
I also tried to change the skin configuration, but I haven't
really figured how I should do this. First, I had the skin
"XWiki.MySkin" configured (XWiki preferences, section "Skin",
attribute "Skin"). Lacking a better idea, I changed that to
the value "default" (is that the right value? There is no
list or drop-down menu where one can choose the right value).
With the skin setting of "default" it _looks_ like the CSS
problem is gone, though I'm not really sure as sometimes old
cookie settings and cached pages in the browser invalidate
my test results. I need firther testing I guess...
A lot of questions, some more grey hairs... ;-)
- - andreas
- --
Andreas Haumer | mailto:andreas@xss.co.at
*x Software + Systeme | http://www.xss.co.at/
Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0
A-1100 Vienna, Austria | Fax: +43-1-6060114-71
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDX8wUxJmyeGcXPhERAp3wAJ9/7AQY+bAX7akhapK9M6GOlhJy1wCguQpD
Fp+TFyS/FD02wn4Yt6DpCl8=
=O343
-----END PGP SIGNATURE-----
9:38 p.m.
New subject: [xwiki-users] First Login to XWiki always loads CSS
Hi Andreas,
The XWiki access right system is simple and complex at the same time !!
There are reasons for the different available options.. Now there are
some 'incompatibilities' between features..
The way things are evaluated are:
User 'X' comes with action 'A' on Space 'S' and page 'P'
1/ Is there an 'Always authenticated' on the action (view or edit). If
so guest (non authenticated) are thrown out
-> rule number 1 makes the login page not show the skin in the case
of the skin being stored in the wiki (and not in the file system which
is the other option)
-> everything this rule does can be done with the following right
settings. This rule is more here as a matter of security if you want to
make sure your own users or space admins will never be able to open any
page for non authenticated users. Now this is incompatible with having a
skin stored in the wiki
2/ Check if user has admin rights on the whole Wiki. If so OK
3/ Check if user has admin rights on the space 'S'. If so OK
4/ Check if user has allow rights at the page level (If so OK)
4b/ If somebody has these rights then NOT OK
4c/ If no right, check if user has deny right (If so NOT OK)
5/ If no right at the previous level, check rights at the space level
(If so OK)
5b/ If somebody has these rights, NOT OK
5c/ If no right, check if user has deny right at the space level (If so
NOT OK)
6/ If no right at the previous level, check rights at the xwiki level
(If so OK)
6b/ If somebody has these rights, NOT OK
6c/ If no right, check if user has deny right at the XWiki level (If so
NOT OK)
7/ If no right at all, then it's OK
Ludovic
Andreas Haumer wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Ludovic,
Ludovic Dubost schrieb:
--
Ludovic Dubost
XPertNet: http://www.xpertnet.fr/
Blog: http://www.ludovic.org/blog/
XWiki: http://www.xwiki.com
Skype: ldubost AIM: nvludo Yahoo: ludovic
This is kind of a feature..
When the skin is wiki-based (as opposed to the 'default' skin stored in
the file-system), you can't neither 'always authentication on view',
neither forbid viewing of the skin page..
Either fallback to the default skin (in the preferences), or deactivate
'always authentication on view' and give view rights to all users to the
skin page
I have to admit that I still don't really understand
the details of access rights concepts in XWiki. There
are many places where one can configure some parts
of wiki access rights and as a whole it's a little bit
confusing to me ... :-(
I wanted to create a Wiki which can only be used by
authenticated users. That's why I had the setting of
"Always authenticate on viewing" of the "Parameters"
section of XWiki.XWikiPreferences to "yes"
I now changed that to "No" and noticed that users still
have to authenticate before they can view any content
of the wiki. Also, the CSS problem on the login page
is still there. Perhaps users do not have the necessary
view rights? But I have given the XWiki.XWikiAllGroup
"view" rights on the XWiki.XWikiGlobalRights level...
What does the "Always authenticate on viewing" parameter do,
anyway?
I also tried to change the skin configuration, but I haven't
really figured how I should do this. First, I had the skin
"XWiki.MySkin" configured (XWiki preferences, section "Skin",
attribute "Skin"). Lacking a better idea, I changed that to
the value "default" (is that the right value? There is no
list or drop-down menu where one can choose the right value).
With the skin setting of "default" it _looks_ like the CSS
problem is gone, though I'm not really sure as sometimes old
cookie settings and cached pages in the browser invalidate
my test results. I need firther testing I guess...
A lot of questions, some more grey hairs... ;-)
- - andreas
- --
Andreas Haumer | mailto:andreas@xss.co.at
*x Software + Systeme | http://www.xss.co.at/
Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0
A-1100 Vienna, Austria | Fax: +43-1-6060114-71
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDX8wUxJmyeGcXPhERAp3wAJ9/7AQY+bAX7akhapK9M6GOlhJy1wCguQpD
Fp+TFyS/FD02wn4Yt6DpCl8=
=O343
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
--
You receive this message as a subscriber of the xwiki-users(a)objectweb.org mailing list.
To unsubscribe: mailto:xwiki-users-unsubscribe@objectweb.org
For general help: mailto:sympa@objectweb.org?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
6959
days inactive
6959
days old
3 comments
2 participants
participants (2)
-
Andreas Haumer -
Ludovic Dubost