1 Reply Latest reply on Apr 25, 2007 5:25 PM by anders3

    Can't get page level declaritive security working

    nollie
    nollie Apr 24, 2007 11:43 AM

      Hello everyone

      http://docs.jboss.com/jbportal/v2.4/reference-guide/en/html/security.html#securing_objects
      Clearly states that I can secure pages in my *-object.xml file. After successfully securing an instance with the following security constraint:

      <security-constraint>
 <policy-permission>
 <role-name>Authenticated</role-name>
 <action-name>view</action-name>
 </policy-permission>
 </security-constraint>


      I tried to secure a page with the very same markup, but with poor results: the page is shown without error or a redirect to the login page.

      I'm really stumped on this one, and seem to recall reading in the forums that page level security wasn't possible. Does anyone have the definitive answer on that w/r/t portal 2.4.1? Does anyone have any ideas why my page comes up unrestricted?

      Thanks in advance!

      nollie


      • 2689 Views
      • Tags:
        • 1. Re: Can't get page level declaritive security working
          anders3 Apr 25, 2007 5:25 PM (in response to nollie)

          On 2.6 it works fine for me :-)

          First of all you can modify the security in the admin console.
          You do not have to use the xxx-object.xml things to begin with
          a) avoid cascading on a higher level.
          b) ensure your group exists
          c) ensure you use the groupname NOT the description

            • Actions