We relaunched the TWiki.org project with an expanded TWiki charter, and we invite you to participate! The TWiki.org Code of Conduct agreement took effect on 27 Oct 2008. We ask existing twiki.org users to opt-in. You need to opt-in to participate in the Blog, Codev, Plugins and TWiki webs. -- PeterThoeny - 27 Oct 2008
You are here: TWiki> Support Web>AccessControlProblem (20 Dec 2003, TamaraTemple)
Tags:
create new tag
, view all tags

Question

Hi -

I have recently installed twiki and have successfully managed to get most of the things working - including basic authentication. The only problem seems to be with access control. I would like to prevent users from changing certain areas of the site, typically the preferences pages. So I thought I should use the obvious TWikiAdminGroup. I have listed the contents of this page below:

TWiki Administrator Group

Related topics: TWikiUsers, TWikiGroups, TWikiAccessControl

-- PeterThoeny - 28 Oct 2000
-- DhirajMighlani - 17 Mar 2003

However, if I now try to modify this page or any other page with Set ALLOWTOPICCHANGE = TWikiAdminGroup, I get the error:

Change Access Denied You do not have permission to change topic TWikiAdminGroup.

Surprisingly, I can create new webs - so it does recognise that I belong to TWikiAdminGroup? .

Would be extremely grateful if you help me unravel this problem. All system details are listed below. Else, I'll have to persist with shell access to get around things frown

  • TWiki version: 01 Feb 2003
  • Perl version: v5.6.1 built for i686-linux
  • Web server & version: Apache 2
  • Server OS: Linux
  • Web browser & version: IE 6
  • Client OS: Win 2000
  • Skin: GnuSkin?

Thanks and regards

-- DhirajMighlani - 17 Mar 2003

Try it again using the default skin. I had severe access control problems (only) when using GnuSkin? . In my case it sufficed to override the skin for edit by appending the URL with ?skin=default.

-- NilsBluemer - 09 Sep 2003

Answer

You locked yourself out of this topic too with above example. I added <nop>s to defuse it.

  • Is the edit script authenticated? E.g. does your signature show up when you edit a topic?
  • Does that signature look exactly like -- Main.DhirajMighlani - 05 Dec 2008
  • Is the manage script authenticated in .htaccess?

-- PeterThoeny - 20 Apr 2003

The problem is that gnusave is not in the .htaccess file. You need to add the following before the final "*" entry in .htaccess 

   <Files "gnusave">
         require valid-user
   </Files>

-- TamaraTemple - 20 Dec 2003

WebForm
SupportStatus ClosedUnanswered
Edit | Attach | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r5 - 20 Dec 2003 - 18:36:13 - TamaraTemple
 
TWIKI.NET
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback