-
1. Re: How to make a portlet secured
matthieu.bouvais Mar 18, 2008 6:55 AM (in response to pshaktig)Hi pshaktig,
If you want to restrict the access to a portlet to the Admin role, you have to modify your portlet-instances.xml and change the action-name to "view". This will hide the portlet to all user who don't have the Admin role. You don't have to make it programmatically. -
2. Re: How to make a portlet secured
pshaktig Mar 18, 2008 7:07 AM (in response to pshaktig)Hi Matthieu,
I did the same. But its not working. In portlet-insatances.xml made the entry you suggested.
Do I need to disable viewrecursive action for the default portal?
Thanks,
Shakti -
3. Re: How to make a portlet secured
den74 Mar 18, 2008 7:10 AM (in response to pshaktig)hi i got the same, it depends on the father permission.
by default "vierecursive" is enabled to everyone, i had to change in view for any role and then i had the behaviour like you want -
4. Re: How to make a portlet secured
matthieu.bouvais Mar 18, 2008 7:21 AM (in response to pshaktig)You don't need to remove the "viewRecursive" action for the default portal. You can add this attribute into the portlet-instances.xml :
... <deployment> <if-exists>overwrite</if-exists> <instance> ... </instance> </deployment> ....
-
5. Re: How to make a portlet secured
pshaktig Mar 18, 2008 8:14 AM (in response to pshaktig)Hi Matthieu,
Thanks for your solution. My portlet got secured. This is what I did in my portlet-instances.xml:
<if-exists>overwrite</if-exists>
<instance-id>AJAXSearchViewerPortletInstance</instance-id>
<portlet-ref>AJAXSearchViewerPortlet</portlet-ref>
<security-constraint>
<policy-permission>
<role-name>Admin</role-name>
<action-name>view</action-name>
</policy-permission>
</security-constraint>
What if I want to make the page secured? What entries do I need to make?
Thanks,
Shakti -
6. Re: How to make a portlet secured
pshaktig Mar 18, 2008 10:26 AM (in response to pshaktig)Hi,
When I put security constraints in *-object.xml in admin portlet I can see tha page has view permissions for Admin role. However when I open the page it is accessible to everyone. Evene <if exists>overwrite<...> not working
Please provide some pointers.
Thanks,
Shakti -