• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use View topic Item7848 for generic doc work for TWiki-6.1.1. Use View topic Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
Does this site look broken?. Use the LitterTray web for test cases.

Item5524: LdapContrib breaks EditTablePlugin authorization

Item Form Data

AppliesTo: Component: Priority: CurrentState: WaitingFor: TargetRelease ReleasedIn
Extension LdapContrib Normal New   n/a  

Edit Form Data

Reported By:
Applies To:
Current State:
Waiting For:
Target Release:
Released In:


On Twiki 4.2.0, we have just implemented LdapContrib, which we eventually configured to work very well. Using web-level and topic-level access control works great using ldap logins and TWiki groups. Then I noticed that whenever I hit the button to Edit on a EditTable, I get an "Access Denied" oops, even though editing the topic which contains the table works fine. This problem seems to only occur when there is a topic- or web-level access control in effect (ALLOWTOPICVIEW, ALLOWWEBCHANGE, etc). I added a little extra debug output to EditTable's Core.pm and get the following in debug.txt:

| 11 Apr 2008 - 10:44 | - TWiki::Plugins::EditTablePlugin::initPlugin( SslInfo ) is OK
| 11 Apr 2008 - 10:44 | - EditTablePlugin::commonTagsHandler( SslInfo )
| 11 Apr 2008 - 10:44 | - EditTablePlugin::doEnableEdit( SysEng, SslInfo )
| 11 Apr 2008 - 10:44 | - TWiki::Func::getWikiName() = CharlesHerron
- TWiki::Func::checkAccessPermission('change', CharlesHerron, undef, SslInfo, SysEng)
| 11 Apr 2008 - 10:44 | - TWiki::Plugins::EditTablePlugin::initPlugin( SslInfo ) is OK

From the error.log (LdapContrib's output):

constructed a new LdapContrib object
cacheAge=1579, lastUpdate=1207923697, refresh=0
cacheAge=1579, lastUpdate=1207923697, refresh=0
called lookupWikiName(cherron)
called lookupWikiName(cherron)
called lookupWikiName(CharlieHerron)
called lookupWikiName(CharlieHerron)
called lookupWikiName(CharlesHerron)
constructed a new LdapContrib object
cacheAge=1580, lastUpdate=1207923697, refresh=0
cacheAge=1580, lastUpdate=1207923697, refresh=0
called lookupWikiName(cherron)
called lookupWikiName(cherron)

-- TWiki:Main/CharlieHerron - 11 Apr 2008

I can confirm this behavior. It seems that only LDAP Users are concerned. If you login in as a TWikiAdmin the EditTablePlugin works just fine.

-- TWiki:Main.GerhardHeeke - 04 Jun 2008

The patches to TWiki-4.2's user code in Item5118 fixed that for me.

-- TWiki:Main.MichaelDaum - 04 Jun 2008

Summary LdapContrib breaks EditTablePlugin authorization
ReportedBy TWiki:Main.CharlieHerron
Codebase 4.2.0
SVN Range TWiki-5.0.0, Thu, 03 Apr 2008, build 16612
AppliesTo Extension
Component LdapContrib
Priority Normal
CurrentState New


TargetRelease n/a

Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View |  Raw edit | More topic actions
Topic revision: r3 - 2008-06-04 - MichaelDaum
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback