Hello. I'm using portal 2.4.1 on 4.0.5GA. I recently got my LDAP authentication working and started trying out the security constraints.
Everything was working until I removed my test user from the "Authenticated' group in LDAP. At first my credentials were cached, but I blew away the hypersonic database and tried to login again and was correctly denied viewing a portlet that required the "Authenticated" role. Now I can't get it to work correctly again.
I have changed the security constraint to "Admin" in hopes that would get me somewhere, as my users can login and see the Admin tab on the web console, but I'm still not about to see my portlet.
Am i missing a cache of old credentials somewhere? DefaultCacheTimeout is set to zero.
This is the stack trace I'm seeing:
15:22:53,395 ERROR [PortalPermissionCollection] Permission check against the rep ository failed java.lang.IllegalArgumentException: Illegal action viewrecursive at org.jboss.portal.core.model.instance.InstancePermission.addAction(Ins tancePermission.java:117) ...
<!-- Add this line to your login-config.xml to include the ClientLoginModule propogation --> <login-module code="org.jboss.security.ClientLoginModule" flag="required" />
I finally got it!
I had to set DefaultCacheTimeout, AND DefaultCacheResolution to zero and rebuild the database.