jspwiki是一款apache推出的开源的基于jsp的wiki系统,基于文件系统,具有权限管理和搜索功能。就jspwiki的配置和使用总结如下:
环境:
· tomcat 7
· jdk1.6 32位
· jspwiki2.10.1
配置:
1 下载JSPWiki.war,放进tomcat的webapp文件夹下。启动tomcat,JSPWiki就会自动部署。
2 按照官网的说明,此时wiki就可以使用了。在浏览器中打开localhost:8080/JSPWiki/Install.jsp(即http://<myhost>/<appname>/Install.jsp)来初始化wiki,需要填的是baseURL,然后点配置,此时会提示你,自动生成了一个用户名为admin,密码随机的账户,一定要记住这个密码。否则就得重新部署了。
3 点击配置之后,网页会提示在tomcat的路径下生成一个temp文件夹,其中包含一个jspwiki-custom.properties文件。这个jspwiki-custom.properties文件很重要,用于配置wiki的各种参数。有的博客说,在应用的WEB-INF文件夹下会有一个jspwiki.properties也可以用于修改配置,实际上,那是很老的版本了。现在已经无法在这个文件夹下找到这个文件了。
4 修改temp文件下的jspwiki-custom.properties是没用的,配置不会生效。按照官网的说法,应该放到tomcat的lib目录中去,或者其他classpath路径中。
5 我的jspwiki-custom.properties配置如下:
#Fri Jul 04 13:48:45 CST 2014
jspwiki.basicAttachmentProvider.storageDir=C:/program/jspwiki/wiki_content
jspwiki.fileSystemProvider.pageDir=C:/program/jspwiki/wiki_content
jspwiki.pageProvider=VersioningFileProvider
jspwiki.applicationName=MyWiki
jspwiki.security=jaas
jspwiki.workDir=C:/program/jspwiki/wiki_content/temp
jspwiki.baseURL=http\://localhost\:8080/JSPWiki/
#日志文件的路径
log4j.appender.FileLog.File=C:/program/jspwiki/wiki_content/jspwiki.log
#支持中文搜索
jspwiki.lucene.analyzer = org.apache.lucene.analysis.cjk.CJKAnalyzer
jspwiki.encoding = UTF-8
#支持html
jspwiki.translatorReader.allowHTML = true
6 由于tomcat 的原因,这样配置之后,还是不能支持中文搜索,需要:
· 在Tomcat的 Server.xml中的Connector加入属性URIEncoding="UTF-8"(我的Connector有两个,两个都加了该属性)
· 把各个JSP中都加入UTF-8的标记。(<%@ page pageEncoding="utf-8"%>)
这样就配置完成了。不过这么配置之后的wiki是没有任何内容的。所以添加一些内容。建议下载jspwiki-wikipages-zh_CN-2.10.1.zip,即中文wikipage的示例,解压之后,放入jspwiki.fileSystemProvider.pageDir这一项配置的文件夹中。
7 jspwiki添加页面的方法,就是在地址栏中输入http://<myhost>/<appname>/Wiki.jsp?page=XXXXXX,如果这个XXXXXX是没有的页面,就会提示你新增页面了。
8 在编辑页面的时候点击右边的帮助,可以查看wiki页面的语法。
---- 水平分隔线
\\ 强制断行
[link] 创建 "link" 的超链接,其中 "link" 可以是内部 Wiki 名称(Wiki 页面
名称)或者外部链接(http://)
[text|link] 创建一个显示文本和实际超链接不同的超链接,其中“text”为要 显示的文本;“link”为实际的超链接。
[text|wiki:link] 创建一个显示文本和实际超链接不同的超链接,
并且超链接指向指定的 Wiki(比如 JSPWiki、MediaWiki 等等)。
这种链接支持 Wiki 之间的链接。
* 创建一个项目列表(星号 '*' 必需为所在行第一个字符)。用连续多个星号(**)
表示次级项目符号。
# 创建一个编号列表(星号 '*' 必需为所在行第一个字符)。用连续多个#号(##,###)
表示缩进/次级编号。
!, !!, !!! 在行首加上感叹号(!)生成标题。
感叹号越多表示标题越大。
__text__ 文本加粗。
''text'' 给文本斜体效果(注意是单引号 ')
{{text}} 使文本变为等款字体。
;term:def 用 'def' 定义 'term'。用空的 'term' 可以表示简短注释(如,;:Created on 2008/02/28)。
|text|more text 生成表格。两条竖线“||”表示表格标题。
9 权限控制。这个是最复杂的。jspwiki的权限可以再两个地方控制,一个是在应用的WEB-INF文件夹下的jspwiki.policy中进行修改,另外就是在编辑页面的时候修改。编辑页面时可修改的是页面的访问权限。即让那些用户访问,不让那些用户访问。页面级别的权限控制要比全局控制的优先级高。需要在页面的最顶端加上
[{ALLOW 权限 角色}]
[{DENY 权限 角色}]
例如:
[{ALLOW edit GroupAdmin}]
[{ALLOW view All}]
在jspwiki.policy中修改的是全局权限,可以对用户组的权限进行管理。jspwiki默认的用户组有:
| 用户组 | 解释 |
| All | 所有用户 |
| Anonymous | 未登录用户,也没有cookie的用户 |
| Asserted | 未登录,但有cookie的用户 |
| Authenticated | 登录用户 |
| Admin | 管理员 |
可以看出,All包含其他所有用户组。
权限管理的语法是:
grant principal org.apache.wiki.auth.authorize.Role "<用户组名>" {
permission org.apache.wiki.auth.permissions.PagePermission "*:*", "<权限1>";
permission org.apache.wiki.auth.permissions.WikiPermission "*", "<权限2>";
permission org.apache.wiki.auth.permissions.WikiPermission "*", "<权限3>";
};
例如:
grant principal org.apache.wiki.auth.authorize.Role "All" {
permission org.apache.wiki.auth.permissions.PagePermission "*:*", "view";
permission org.apache.wiki.auth.permissions.WikiPermission "*", "login";
permission org.apache.wiki.auth.permissions.WikiPermission "*", "editProfile";
};
给所有用户看、登录、注册的权利。
权限分为四类:
· com.ecyrd.jspwiki.auth.permissions.PagePermission 页面权限 这个权限是我们最常使用的权限, 限定了用户可以对页面进行哪些操作, 可以使用的权限包括: *, comment, delete, edit, modify, rename, upload, view.
· com.ecyrd.jspwiki.auth.permissions.WikiPermission Wiki 权限 这个权限则定义了用户登录, 注册, 建立新页面是否可用, 也是比较常用的. 包括: createGroups, createPages, editPreferences, editProfile 和 login.
· com.ecyrd.jspwiki.auth.permissions.GroupPermission 组权限 这个权限一般来说只对管理员进行开放, 用来对用户分组, 注意每个 Group 的名称也对应着一个安全角色, 这样便于为多个用户指定一个权限.
· com.ecyrd.jspwiki.auth.permissions.AllPermission 所有权限 警告: 这个权限很危险, 一般来说只对管理员开放.
最后给出一个例子,一般用户可以浏览、注册、登录wiki,但是无法修改页面内容和新增页面。之后admin组的成员能够修改和新增页面。
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
// $Id: jspwiki.policy,v 1.23 2007-07-06 10:36:36 jalkanen Exp $
//
// This file contains the local security policy for JSPWiki.
// It provides the permissions rules for the JSPWiki
// environment, and should be suitable for most purposes.
// JSPWiki will load this policy when the wiki webapp starts.
//
// As noted, this is the 'local' policy for this instance of JSPWiki.
// You can also use the standard Java 2 security policy mechanisms
// to create a consolidated 'global policy' (JVM-wide) that will be checked first,
// before this local policy. This is ideal for situations in which you are
// running multiple instances of JSPWiki in your web container.
// To set a global security policy for all running instances of JSPWiki,
// you will need to specify the location of the global policy by setting the
// JVM system property 'java.security.policy' in the command line script
// you use to start your web container. See the documentation
// pages at http://doc.jspwiki.org/2.4/wiki/InstallingJSPWiki. If you
// don't know what this means, don't worry about it.
//
// Also, if you are running JSPWiki with a security policy, you will probably
// want to copy the contents of the file jspwiki-container.policy into your
// container's policy. See that file for more details.
//
// ------ EVERYTHING THAT FOLLOWS IS THE 'LOCAL' POLICY FOR YOUR WIKI ------
// The first policy block grants privileges that all users need, regardless of
// the roles or groups they belong to. Everyone can register with the wiki and
// log in. Everyone can edit their profile after they authenticate.
// Everyone can also view all wiki pages unless otherwise protected by an ACL.
// If that seems too loose for your needs, you can restrict page-viewing
// privileges by moving the PagePermission 'view' grant to one of the other blocks.
//grant principal org.apache.wiki.auth.authorize.Role "All" {
// permission org.apache.wiki.auth.permissions.PagePermission "*:*", "view";
// permission org.apache.wiki.auth.permissions.WikiPermission "*", "editPreferences";
// permission org.apache.wiki.auth.permissions.WikiPermission "*", "editProfile";
// permission org.apache.wiki.auth.permissions.WikiPermission "*", "login";
//};
grant principal org.apache.wiki.auth.authorize.Role "All" {
permission org.apache.wiki.auth.permissions.PagePermission "*:*", "view";
permission org.apache.wiki.auth.permissions.WikiPermission "*", "login";
permission org.apache.wiki.auth.permissions.WikiPermission "*", "editProfile";
};
// The second policy block is extremely loose, and unsuited for public-facing wikis.
// Anonymous users are allowed to create, edit and comment on all pages.
//
// Note: For Internet-facing wikis, you are strongly advised to remove the
// lines containing the "modify" and "createPages" permissions; this will make
// the wiki read-only for anonymous users.
// Note that "modify" implies *both* "edit" and "upload", so if you wish to
// allow editing only, then replace "modify" with "edit".
//grant principal org.apache.wiki.auth.authorize.Role "Anonymous" {
// permission org.apache.wiki.auth.permissions.PagePermission "*:*", "modify";
// permission org.apache.wiki.auth.permissions.WikiPermission "*", "createPages";
//};
// This next policy block is also pretty loose. It allows users who claim to
// be someone (via their cookie) to create, edit and comment on all pages,
// as well as upload files.
// They can also view the membership list of groups.
//grant principal org.apache.wiki.auth.authorize.Role "Asserted" {
// permission org.apache.wiki.auth.permissions.PagePermission "*:*", "modify";
// permission org.apache.wiki.auth.permissions.WikiPermission "*", "createPages";
// permission org.apache.wiki.auth.permissions.GroupPermission "*:*", "view";
//};
// Authenticated users can do most things: view, create, edit and
// comment on all pages; upload files to existing ones; create and edit
// wiki groups; and rename existing pages. Authenticated users can also
// edit groups they are members of.
//grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
// permission org.apache.wiki.auth.permissions.PagePermission "*:*", "modify,rename";
// permission org.apache.wiki.auth.permissions.GroupPermission "*:*", "view";
// permission org.apache.wiki.auth.permissions.GroupPermission "*:<groupmember>", "edit";
// permission org.apache.wiki.auth.permissions.WikiPermission "*", "createPages,createGroups";
//};
grant principal org.apache.wiki.auth.authorize.Role "Authenticated" {
permission org.apache.wiki.auth.permissions.GroupPermission "*:*", "view";
};
// Administrators (principals or roles possessing AllPermission)
// are allowed to delete any page, and can edit, rename and delete
// groups. You should match the permission target (here, 'JSPWiki')
// with the value of the 'jspwiki.applicationName' property in
// jspwiki.properties. Two administative groups are set up below:
// the wiki group "Admin" (stored by default in wiki page GroupAdmin)
// and the container role "Admin" (managed by the web container).
grant principal org.apache.wiki.auth.GroupPrincipal "Admin" {
permission org.apache.wiki.auth.permissions.AllPermission "*";
};
grant principal org.apache.wiki.auth.authorize.Role "Admin" {
permission org.apache.wiki.auth.permissions.AllPermission "*";
};
参考:
http://driver.rplinux.org/software/show_resource.php?resource_id=203
https://jspwiki-wiki.apache.org/Wiki.jsp?page=Main
183
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
