You are here: Foswiki>Tasks Web>Item4981>DebianPackage>Item10225 (26 Jan 2011, GeorgeClark)Edit Attach

Item10225: Access Control Failures since upgrade to foswiki 1.0.10 (debian version).

pencil
Priority: Urgent
Current State: No Action Required
Released In: n/a
Target Release: n/a
Applies To: Extension
Component: DebianPackage
Branches:
Reported By: BryanWalton
Waiting For:
Last Change By: GeorgeClark
On December 26th, we updated a bunch of Debian foswiki packages:

foswiki_1.0.10-0_all.deb foswiki-calendarplugin_100708-215_all.deb foswiki-bugscontrib_101005-215_all.deb foswiki-checklistplugin_091021-215_all.deb foswiki-checklisttableplugin_090514-215_all.deb foswiki-databaseplugin_081129-215_all.deb foswiki-editrowplugin_090225-215_all.deb foswiki-jqueryplugin_101214-215_all.deb foswiki-ldapcontrib_101216-215_all.deb foswiki-moveabletypeskin_090220-215_all.deb foswiki-msofficeattachmentsashtmlplugin_090421-215_all.deb foswiki-wikidrawplugin_101024-215_all.deb foswiki-zoneplugin_101006-215_all.deb

Since the upgrade, we are having access control problems. We are using ldapcontrib for authentication which appears to still work. We also use ldapcontrib for group management and web access control. ldapcontrib is successfully reading our LDAP groups. However, since the upgrade access controls are no longer working. The only webs viewable by anyone are webs that have unrestricted viewing. The only webs that can have content changed on them are webs that have unrestricted content changing. This doesn't seem to be an ldap problem. For example:

in the Main web, I have group defined as SysAdminGroup. If I view that page, it lists myself and one other person as members of the group. It also states that the SysAdminGroup is the group that is allowed to change the page. However, if I try to edit the page, I receive the following error:

"Access check on SysAdminGroup failed. Action "CHANGE": access not allowed on topic." I get a similar error if I try to view any web that has restricted access but that I am supposed to be allowed to view.

-- BryanWalton - 04 Jan 2011

Does anybody have any ideas or input on this? This problem is making foswiki unusable for us.

-- BryanWalton - 10 Jan 2011

OK, this is embarrassing. Turns out that the AdminGroup.txt file somehow got messed up inside the data/Main folder. This is not a bug for the Foswiki developers. Please close this ticket. Again, sorry for the difficulty.

-- BryanWalton - 26 Jan 2011
 

ItemTemplate edit

Summary Access Control Failures since upgrade to foswiki 1.0.10 (debian version).
ReportedBy BryanWalton
Codebase 1.0.10
SVN Range
AppliesTo Extension
Component DebianPackage
Priority Urgent
CurrentState No Action Required
WaitingFor
Checkins
TargetRelease n/a
ReleasedIn n/a
Edit  | Attach | Print version | History: r4 < r3 < r2 < r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r4 - 26 Jan 2011, GeorgeClark
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy