1 Reply Latest reply on Jan 25, 2006 12:31 PM by mholzner

    how to add security in a page ?

      hi,

      i deploy a two portlets in a war file.

      the two portlets are in a page, testPage.

      when i deploy the war, i can see a tab with my testPage and the 2 portlets.

      but I want that this page is only visible for authenticated users.

      so in my file-object.xml i use the security-constraint tag like this :



      <page>
       <page-name>testPage</page-name>
       <security-constraint>
       <auth-constraint>
       <role-name>Authenticated</role-name>
       </auth-constraint>
       </security-constraint>


      and in the portlet.xml :


      </portlet>
       <portlet>
       <portlet-name>TestPortletB</portlet-name>
       <portlet-class>PortletB</portlet-class>
       <supports>
       <mime-type>text/html</mime-type>
       <portlet-mode>VIEW</portlet-mode>
       </supports>
       <portlet-info>
       <title>Test portlet B</title>
       </portlet-info>
       <security-role-ref>
       <role-name>Authenticated</role-name>
       </security-role-ref>
       </portlet>



      results: nothing.
      i still can see the page TestPage and the 2 portlets.


      I know i can perform it with the management console but is it possible to do it in the config files ? (i'm sure it is ! )

      thanks for help

      bye bye
      Lionel

        • 1. Re: how to add security in a page ?


          You're missing the action that is allowed. Add an action-name element like:

           <security-constraint>
           <policy-permission>
           <role-name>Authenticated</role-name>
           <action-name>view</action-name>
           </policy-permission>
           </security-constraint>
          


          and it should work