This content has been marked as final.
Show 4 replies
-
1. Re: security-constraints not working at the page level (*-ob
theute Nov 13, 2007 3:39 AM (in response to joe_the_quick)What are you trying to achieve ?
-
2. Re: security-constraints not working at the page level (*-ob
joe_the_quick Nov 14, 2007 4:54 AM (in response to joe_the_quick)Thank you for the quick reply.
I simply would like to protect a page to allow access only for authenticated users with the role "Authenticated".
The protection of pages should be possible according to the docs (
http://docs.jboss.com/jbportal/v2.6.2/referenceGuide/html_single/, 6.4. Descriptor Examples)
best regards,
johannes -
3. Re: security-constraints not working at the page level (*-ob
theute Nov 14, 2007 5:10 AM (in response to joe_the_quick)So you just need to set:
- view (not recursive) right on the portal for anybody
- viewrecursive for 'authenticated" on your page -
4. Re: security-constraints not working at the page level (*-ob
joe_the_quick Mar 18, 2008 9:31 AM (in response to joe_the_quick)"thomas.heute@jboss.com" wrote:
So you just need to set:
- view (not recursive) right on the portal for anybody
- viewrecursive for 'authenticated" on your page
Dear Thomas,
This works, but the usual configuration for our portal would be
*) allow all users read access to the pages, where no security-constraints are defined (=default configuration of Jboss Portal)
*) if page-level security-constraints are set, these should really secure the page
On the portlet-instance level, this works perfectly and as expected. However, why does this not work the same way for portlet pages?
I just tested this for Jboss Portal 2.6.4, and the behaviour has not changed.
Thank you very much for your response &
best regards,
Johannes