1 Reply Latest reply on Apr 5, 2007 3:56 PM by nollie

Trouble with security contraints

nollie Apr 5, 2007 3:26 PM

Hello. I'm using portal 2.4.1 on 4.0.5GA. I recently got my LDAP authentication working and started trying out the security constraints.

Everything was working until I removed my test user from the "Authenticated' group in LDAP. At first my credentials were cached, but I blew away the hypersonic database and tried to login again and was correctly denied viewing a portlet that required the "Authenticated" role. Now I can't get it to work correctly again.

I have changed the security constraint to "Admin" in hopes that would get me somewhere, as my users can login and see the Admin tab on the web console, but I'm still not about to see my portlet.

Am i missing a cache of old credentials somewhere? DefaultCacheTimeout is set to zero.

This is the stack trace I'm seeing:

15:22:53,395 ERROR [PortalPermissionCollection] Permission check against the rep
ository failed
java.lang.IllegalArgumentException: Illegal action viewrecursive
 at org.jboss.portal.core.model.instance.InstancePermission.addAction(Ins
tancePermission.java:117)
...

And finally, for a brief time I added this to my login-config.xml ( not sure if this is relevant):

<!-- Add this line to your login-config.xml to include the ClientLoginModule propogation -->
 <login-module code="org.jboss.security.ClientLoginModule" flag="required" />

Thanks!

1. Re: Trouble with security contraints

nollie Apr 5, 2007 3:56 PM (in response to nollie)

I finally got it!

I had to set DefaultCacheTimeout, AND DefaultCacheResolution to zero and rebuild the database.
Actions