as far as i know there are 3 modes to enable security in jboss portal: /portal/auth/index.html forces the user to login /portal/sec/index.html switches to a secured (ssl) url /portal/authsec/index.html forces the user to login and switches to a secured (ssl ) url
i can force the user login if a add a security constratin to my page definition, e.g. <security-constraint> <policy-permission> <role-name>Manager</role-name> <action-name>view</action-name> </policy-permission> </security-constraint>
are there any other settings/constraints to set, to force the url to switch to sec or authsec? how do i configure this? so where do i have to change the configuration to get a secured page?