Deprecated! Needs review.
To secure a KnowWE(JSPWiki) installation, you have to edit two files:
  • jspwiki.properties: at the very bottom uncomment the line spwiki.approver.workflow.saveWikiPage=Admin to enable the forced approval of new user accounts by an admin. (Make sure there is an 'Admin' group)
  • jspwiki.policiy: comment the permissions of 'Anonymous' to disable anonymous editing before:
grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" { permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "modify"; permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages"; }; after: grant principal com.ecyrd.jspwiki.auth.authorize.Role "Anonymous" { // permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "modify"; // permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "createPages"; };

After that, restart the container and the wiki is secure.

<tags>HowTo</tags>