Rights Management

Last modified by Guillaume Delhumeau on 2015/09/02 12:17

The images and documentation below feature the new Rights Management UI available since XWiki Enterprise 1.1.2 and XWiki Enterprise 1.2M2 and beyond.

XWiki allows you to control all access permissions at a fine grained level. There are different levels of control and these rights are cumulative. The rights for a page override the rights for a space, which override the rights for a wiki.

Thanks to the three levels of control offered by XWiki, it becomes quite easy to manage places where people are allowed to read, write and comment - or not allowed to.

You can create groups of users in order to manage the rights of a category of people more easily.

For instance, say you have managers and staff in the marketing and IT department: you can create a group for the staff on each department and another for managers (4 in all), and a space for every category. Then you can choose to let marketing staff access the marketing space only, but let marketing managers have access to the IT space at the staff level (but not IT manager level), and so on...

You'll need to have the admin right granted in order to modify permissions for other users and groups.

Rights at the wiki level

Click on the "Wiki" menu and then on "Administer Wiki". Click on the "Rights" link located under "Users & Groups" as shown in the following images:


Since XWiki 7.2M3, the "Administer Link" is located in the Drawer, that you can enable by clicking on the top right icon.




Here's how you can change permissions:

  • Select the Users or Groups for which you want to set a permission.
  • Click once in a checkbox to allow a right, twice to deny it and three times to clear the right (delete the entry). As a result, rights entries are saved automatically, using the Ajax technology.

There are some default users and groups you need to know about:

  • Unregistered Users: represents the anonymous user (i.e., a user not logged in)
  • XWikiAllGroup: represents all groups
  • XWikiAdminGroup: represents all users with admin privileges

Rights at the space level

In order to edit rights at the space level you need to click on the "Space" menu (located on the top bar), click "Administer Space" and then click on the "Rights" link.


Then use exactly the same steps as the ones used for changing global rights.

Since 7.2 RC 1, the notion of space does not exist anymore. But you can change the rights of the parent page, and it will affect the current page. See the next section to know more about this.

Note: on terminal pages (documents that cannot have child), there is an "Administer Parent" button in the "more actions" menu:


Rights at the page level

This is available only to Advanced users, make sure you switch your account to Advanced mode before trying to edit page rights.

Simply navigate to the page for which you wish to change the permissions. Click on the arrow in the "Edit" menu and then on "Access Rights":


Since 7.2 RC 1, there is 2 ways to get to this page:

  • if you are on a terminal page (a page that cannot have child), it's still on the same place (edit > access rights).
  • if not, you have to go to the actions menu (the menu with 3 vertical dots) and then click on "Administer Page":

    In this page, you will have 2 choices:

      • "Rights" for the rights of this page that also affect the children of the page:


      • "Page Rights" for the rights of this page only (children are not affected):


Activating CAPTCHAs for anonymous comments

Supported since XWiki Enterprise 2.3.

Go to the "Rights" administration page and tick the Require unregistered users to solve a captcha when posting a comment on a page check box as show on the following image:


Note that you also need to give the Comment right to unregistered users. After you've done so unregistered users will see the following when entering a comment on a page:


Created by VincentMassol on 2007/11/27 23:39

Get Connected