• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

What is the best way to do private forums?

 
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

What is the best way to do private forums? I've created category and then restrict this category to anonymous user. It leads to the situation when anonymous cannot see forums but still can search for messages in hiddent forums. I filed a bug in jira but I am not sure that this was the right solution.

I also tried to lock anonymous that made no effect (bug or not?). Actually, I need to host provate forums only with security restrictions: i.e. forums should be available to the specific groups only. No anonymous brousing. I can make some dummy forums for anonymous but the rest should be private. What is the best way to do it?

Thank you,
Mark
[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

karmen wrote:Hi,

What is the best way to do private forums? I've created category and then restrict this category to anonymous user. It leads to the situation when anonymous cannot see forums but still can search for messages in hiddent forums. I filed a bug in jira but I am not sure that this was the right solution.



Hm, I'll take a look. Seems a bug really.

karmen wrote:
I also tried to lock anonymous that made no effect (bug or not?). Actually, I need to host provate forums only with security restrictions: i.e. forums should be available to the specific groups only. No anonymous brousing. I can make some dummy forums for anonymous but the rest should be private. What is the best way to do it?



hhmm.. As far as I know, anonymous lock is working. To restict anonymous browsing, the best way would be to create a specific group for the forums and deny access to it to the General group ( which is the one associated by default to new users / anonymous user ). So, the users you want to see the forums, you just associate them with the "special" group.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you for your answers, Rafael.

I went with the solution of creating group and restricting General to see the restricted forums. It worked fine but Search unveils all restricted forums and messages. I would appreciate the fix of this.

While the search problem exists I would be Ok if I would lock anonymous. I did but I can still see the groups allowed for General by anonymous. I can also Search that, basically, generates a problem. Actually, if I could disable search by anonymous, I wouild be also fine.

How can we research the problem with anonymous? I locked it in admin / users. Then I open the other browser session (it is actually the other browser: IE while I do admin work in netscape). And I can see the public groups by anonymous. Maybe I am not doing something important to lock anonymous.
[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I can actually give you login to my JForum if you would need to research this problem with anonymous lock. It currently demonstrates my situation: you can see two public groups, then you can login as administrator and then see the anonymous is locked.
[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So, you are saying that you went to the Permissions of the anonymous users and restricted some forums to it, but the forums still keep showing. Is that?

If so, please try the following: if you have rights to restart Tomcat, do it and see if, after jforum comes up again, if forums are still being shown to the anoymous user.

I have been working on the permission control on the last days and some bugs were fixed. But, if it don't work for you even after the restart, then I'll investigate it further.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


So, you are saying that you went to the Permissions of the anonymous users and restricted some forums to it, but the forums still keep showing. Is that?



No, this works fine (though search finds hidden forums). My point in this message was that "Lock anonymous" does not work. It still sees the public forums.
[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

karmen wrote:


So, you are saying that you went to the Permissions of the anonymous users and restricted some forums to it, but the forums still keep showing. Is that?



No, this works fine (though search finds hidden forums). My point in this message was that "Lock anonymous" does not work. It still sees the public forums.



So, that was my point . I'll make some tests here.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK, I found the bug and fixed it.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you.

What the fix is about? Is it anonymous lock or search that does not display hidden messages and forums? These are two different issues. Any one would help me but I will need different workflow.

How to get the fix? If this is CVS then can I install the update on the top of the current setup so that keep all my current configuration.

Thank you again!
[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The anonymous one. I'll take a look in the search now.

Yes, you can get it from CVS.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK, the search problem is also fixed, among other related issues I noted when fixing the code.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Now I have the problem with upgrade. I completely removed old installation together with postgres database. Then I downloaded CVS version, build it and installed. Everything works fine so far until I register the first user.

JForum generates:
Captcha response does not match the challenge.
when registering.

I do not know what captcha is but I set it to false in Configuration (I can work as administrator). Still the same. It was not in the previous version at all. Could you please tell how can I disable this captcha.

Thank you,
Mark
[originally posted on jforum.net by Anonymous]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I learned what Captcha is and configured it (thanks to the forum!). Now registration works fine. Still, it is not possible to disable it but it is Ok for me.
[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

karmen wrote:I learned what Captcha is and configured it (thanks to the forum!). Now registration works fine. Still, it is not possible to disable it but it is Ok for me.



Hhmm...disable is not working? let me see.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK, fixed and commited to CVS.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The interesting part - I still have troubles with security.

1. Lock anonyumous does not have any effect. The situation is the same: lock anonymous and then navigate to forums: anonymous can see all the forums, hidden or not

2. Now I cannot secure any forum like in the release version. Examples:

2a. If I remove General group from the list of user's groups than user cannot see any forum even if he belongs to the group that is supposed to see some restricted forums

2b. In this situation I cannot make one forum public (available for anonymous) and the other one private (available for the specifiv group)

2c. If a user is an administrator (not the Admin, but the other user with administrator privilege) and he is not in General group that he cannot open categories section that contains two categories: public and private. Here is the error


Expression repository.getCategory(category.id) is undefined on line 41, column 40 in default/admin/category_list.htm. The problematic instruction: ---------- ==> list repository.getCategory(category.id).getForums() as forum [on line 41, column 33 in default/admin/category_list.htm] in include moduleAction [on line 1, column 1 in default/admin/empty.htm] ---------- Java backtrace for programmers: ---------- freemarker.core.InvalidReferenceException: Expression repository.getCategory(category.id) is undefined on line 41, column 40 in default/admin/category_list.htm. at freemarker.core.TemplateObject.assertNonNull(TemplateObject.java:124) at freemarker.core.TemplateObject.invalidTypeException(TemplateObject.java:134) at freemarker.core.Dot._getAsTemplateModel(Dot.java:78) at freemarker.core.Expression.getAsTemplateModel(Expression.java:89) at freemarker.core.MethodCall._getAsTemplateModel(MethodCall.java:86) at freemarker.core.Expression.getAsTemplateModel(Expression.java:89) at freemarker.core.IteratorBlock.accept(IteratorBlock.java:87) at freemarker.core.Environment.visit(Environment.java:171) at freemarker.core.MixedContent.accept(MixedContent.java:92) at freemarker.core.Environment.visit(Environment.java:171) at freemarker.core.IteratorBlock$Context.runLoop(IteratorBlock.java:160) at freemarker.core.Environment.visit(Environment.java:284) at freemarker.core.IteratorBlock.accept(IteratorBlock.java:95) at freemarker.core.Environment.visit(Environment.java:171) at freemarker.core.MixedContent.accept(MixedContent.java:92) at freemarker.core.Environment.visit(Environment.java:171) at freemarker.core.Environment.include(Environment.java:1256) at freemarker.core.Include.accept(Include.java:156) at freemarker.core.Environment.visit(Environment.java:171) at freemarker.core.Environment.process(Environment.java:156) at freemarker.template.Template.process(Template.java:219) at net.jforum.JForum.service(Unknown Source) at javax.servlet.http.HttpServlet.service(HttpServlet.java:856) at




2d. If I restrict some forums from General and I have a user in General then these forums become restricted for this user even if the user is in other groups that should have access to these forums. That is why I reproduced (2c): I was forced to remove General group from a user.

Basically, I wanted to achieve simple goal: I wnted to have four categories: one is available for anonymous, second is available for one group of people, third is available for the second group of people, and the last is available for two groups of people mentioned above and not available for anonymous. As a trade off I would disable anonymous at all (that also did not work). All the problems I encountered were related to this goal.

The other thing I did: I made myself as administrator and performed all administrative tasks as this user, not as Admin. It causes (2c) while Admin does not suffer this.

Thank you,
Mark

[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry for bothering today. I've got a version from CVS. I cannot create category. Insert category, populate data, select group, it generates exception:

java.lang.reflect.InvocationTargetException: Parameter index out of range.

Here is the tomcat log for this error:
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at net.jforum.Command.process(Unknown Source)
at net.jforum.view.admin.CategoryAction.process(Unknown Source)
at net.jforum.JForum.service(Unknown Source)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:284)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:204)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:564)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:245)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:199)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:564)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:195)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:164)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:149)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:564)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:156)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:564)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:972)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:211)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:309)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:387)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:673)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:615)
at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:786)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:677)
at java.lang.Thread.run(Thread.java:534)
Caused by: org.postgresql.util.PSQLException: Parameter index out of range.
at org.postgresql.jdbc1.AbstractJdbc1Statement.bind(AbstractJdbc1Statement.java:2082)
at org.postgresql.jdbc1.AbstractJdbc1Statement.setInt(AbstractJdbc1Statement.java:1043)
at net.jforum.drivers.generic.CategoryModel.addNew(Unknown Source)
at net.jforum.drivers.postgresql.CategoryModel.addNew(Unknown Source)
at net.jforum.view.admin.CategoryAction.insertSave(Unknown Source)
... 34 more


[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have found it. The problem is in
jforum\WEB-INF\config\database\postgresql\postgresql.sql

CategoryModel.addNew is defined there with one bind parameter whille the code expects two. The second one is display order that is calculated in the code. I replaced the sequence in postgressql.sql to ? and it starts working.

I am not sure about your intentions so I hesitate to commit the change.
[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

karmen wrote:I have found it. The problem is in
jforum\WEB-INF\config\database\postgresql\postgresql.sql

CategoryModel.addNew is defined there with one bind parameter whille the code expects two. The second one is display order that is calculated in the code. I replaced the sequence in postgressql.sql to ? and it starts working.

I am not sure about your intentions so I hesitate to commit the change.



Thanks, I'll fix it in the CVS. I have changed somethings, but didn't tested it with postgresql yet.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK, I'll take a look. I'll install postgresql here and see test with it.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

karmen wrote:
1. Lock anonyumous does not have any effect. The situation is the same: lock anonymous and then navigate to forums: anonymous can see all the forums, hidden or not



What is "lock anonymous" here? I mean, which permission are you refering to? To disable navigation for anonymous user you should set "Restricted forums" or "Restricted categories". "Deny Anonymous posts" only block posts by unregistered users.

Can you explain this first item a bit clear, please?!

Thanks.
Rafael
ps: I'm checking all other security issues
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

karmen wrote:
2a. If I remove General group from the list of user's groups than user cannot see any forum even if he belongs to the group that is supposed to see some restricted forums



Well, I found a problem with this one: the permissions are not refreshed after you change the user's groups. There are two ways where the refresh may occur: when the user logs out and in again, or after you re-save group's permissions.

However, the problem gets bigger for the anonymous user because its virtually "always" in.

Well, I'm going to fix it.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ok, I commited a small change to the CVS that may fix some of the problems you are facing ( probably, I guess ).

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you, Rafael, for your efforts. Sorry for not helping in development but these days are busy for me.

It seems that I mean something a little bit different under "Lock anonymous". Navigate to Administration / Users. In the users list you see checkbox "Lock". check it, then press a button Lock / Unlock. The checkbox moves to the unlock position that means that the user has been locked. At this point I expect that Anonymous would not see any categories and forums.
[originally posted on jforum.net by karmen]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hm, no. "Lock" means "Lock the user's account", so he can't log in anymore.

To lock navigation you should edit only the user permissions and restrict access to the Categories / Forums ( go to User -> Permissions )

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Warning! Way too comfortable! Do not sit! Try reading this tiny ad instead:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
    Bookmark Topic Watch Topic
  • New Topic