1 Reply Latest reply on Mar 16, 2007 3:38 PM by mchan_98

    Newbie: Simple security question

    mjremijan

      I'm downloaded portal 2.6-beta and I'm going through the quick start tutorial. I've added a new portal page named "starter" to the default portal. Now I would like to add some simple security so that the "starter" tab is only visible when a user with a "starter" role logs in. I haven't been able to accomplish this yet. Can someone point me in the right direction?

        • 1. Re: Newbie: Simple security question
          mchan_98

          Look at the user doc

          Basically, in your WEB-INF\xxxx-object.xml file that define your page, you need to add

          <security-constraint>
          <policy-permission>
          <role-name>Admin</role-name>
          <action-name>viewrecursive</action-name>
          </policy-permission>
          </security-constraint>
          in the deployments->deployment->page tag

          In practice, there's a number of things that can screw you up:
          1) you need to change your if-exists definition to overwrite from keep in your deployment->deployment application
          2) Your new role may not be defined properly (I don't remember correctly, but it has something to do with the role name shown in your portal admin page should not be the one you use in your xxx-object.xml file) I would suggest using Admin(the built in one) as a role to test first.

          Hope this help.

          Michael