[dokuwiki] Re: RSS and ACL
- From: Olivier Lumineau <olivier.lumineau@xxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Thu, 10 Dec 2009 15:32:33 +0100
Some points who can maybe help, on our instalation :
- Shibboleth authentication (http://www.sympa.org/contribs/shibbolethauth)
- not just a wiki, but a farm
The content of conf/acl.auth.php :
# acl.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
#
# Editing this file by hand shouldn't be necessary. Use the ACL
# Manager interface instead.
#
# If your auth backend allows special char like spaces in groups
# or user names you need to urlencode them (only chars <128, leave
# UTF-8 multibyte chars as is)
#
# none 0
# read 1
# edit 2
# create 4
# upload 8
# delete 16
* @ALL 0
* @admin 16
prive:* @noustestons%40cru%2efr 16
playground:* @noustestons%40cru%2efr 16
sidebar @ALL 1
sidebar @noustestons%2drequest%40cru%2efr 2
index @ALL 1
public:* @ALL 1
creer_une_nouvelle_page @noustestons%40cru%2efr 1
Olivier LUMINEAU
Comité Réseau des Universités |--> www.cru.fr <http://www.cru.fr/>
-------
Tél : 02 23 23 69 05
Fax : 02 23 23 71 11
mail : olivier.lumineau@xxxxxx
Andreas Gohr a écrit :
I read the thread from the list "Restricted content leaking through RSS"
(2009/05/06 06:39) and the post http://forum.dokuwiki.org/thread/4563 from
dokuwiki forum, and i have the same problem :
Subscribing to the main feed, anyone can access to all content, including
protected pages ! :-(
i don't understand, any other ideas that cookies ?
Can you please post the content of your conf/acl.auth.php ?
Other related posts:
