1 Reply Latest reply on Apr 5, 2007 3:56 PM by Jon Whitmore

    Trouble with security contraints

    Jon Whitmore Newbie

      Hello. I'm using portal 2.4.1 on 4.0.5GA. I recently got my LDAP authentication working and started trying out the security constraints.

      Everything was working until I removed my test user from the "Authenticated' group in LDAP. At first my credentials were cached, but I blew away the hypersonic database and tried to login again and was correctly denied viewing a portlet that required the "Authenticated" role. Now I can't get it to work correctly again.

      I have changed the security constraint to "Admin" in hopes that would get me somewhere, as my users can login and see the Admin tab on the web console, but I'm still not about to see my portlet.

      Am i missing a cache of old credentials somewhere? DefaultCacheTimeout is set to zero.

      This is the stack trace I'm seeing:

      15:22:53,395 ERROR [PortalPermissionCollection] Permission check against the rep
      ository failed
      java.lang.IllegalArgumentException: Illegal action viewrecursive
       at org.jboss.portal.core.model.instance.InstancePermission.addAction(Ins
      tancePermission.java:117)
      ...
      


      And finally, for a brief time I added this to my login-config.xml ( not sure if this is relevant):

      <!-- Add this line to your login-config.xml to include the ClientLoginModule propogation -->
       <login-module code="org.jboss.security.ClientLoginModule" flag="required" />


      Thanks!