Hi to all,
What I did:
* starting portal
* logging in with specific role
* access portlet
* perform portlet actions
* let the portlet crash (in mny use case this portlet need special VPN access to external system. So i just cut VPN access.)
* try to redo portlet actions
* another portlet appears
Strange thing: the logged in user does not have the permissions to view this portlet.
So, IMHO this is a big security issue.
Do you want meet to create a JIRA issue?
My Stack:
* GateIn 3.1/JBoss AS 5.1
* Seam 2
* JSF 2
Thanks and regards
Michael