4 Replies Latest reply on Jul 30, 2007 2:23 PM by nidhi_hs

    CMSAdminPortlet - Access Denied

    nidhi_hs
    nidhi_hs Jul 30, 2007 10:15 AM

      I am referring to the CMSAdminPortletInstance in *-object.xml file as below

      <if-exists>overwrite</if-exists>
      <parent-ref>CMSAdminPortal</parent-ref>

      <page-name>CMS</page-name>
      ..
      <window-name>CMSPortletWindow</window-name>
      <instance-ref>CMSAdminPortletInstance</instance-ref>
      ..


      I always get Access Denied even though the security for CMSAdminPortletInstance is UnChecked (verified under PortletInstances tab). However it works fine when I log in as Admin.

      My requirement is to define a new role and assign a user to that role, for example "CMS Adminsitrators" . I want that user to manage the CMS content only and nothing else.

      Please guide me on this.

      Regards
      Srinidhi

      • 1750 Views
      • Tags:
        • 1. Re: CMSAdminPortlet - Access Denied
          soshah
          soshah Jul 30, 2007 10:33 AM (in response to nidhi_hs)

          Srinidhi-

          For the CMS Admin tool, use the CMS Admin tool Security Console to provide access to nodes in the CMS.

          Here is some information to get you started:

          http://wiki.jboss.org/wiki/Wiki.jsp?page=CMS_Security


          The functionality is available via the "Secure" function in the Drop Down Actions Menu of the CMS Admin Tool

          Thanks

            • Actions
          • 2. Re: CMSAdminPortlet - Access Denied
            nidhi_hs
            nidhi_hs Jul 30, 2007 10:43 AM (in response to nidhi_hs)

            Thanks for the reply. But this is not what I am looking for.

            I am not able to assign a new security role to the CMSAdminPortletInstance.I get "Access Denied" in the CMSAdminPortletWindow when I refer to the existing CMSAdminPortletInstance as I mentioned in my previous post.

              • Actions
            • 3. Re: CMSAdminPortlet - Access Denied
              soshah
              soshah Jul 30, 2007 10:54 AM (in response to nidhi_hs)

              You are getting an "Access Denied" message from the CMS Service and not from the Portlet Container which manages the CMSAdminPortletInstance.

              The CMSAdminPortletInstance is getting rendered, which is what is expected, but the CMS Service does not have proper permissions set for the role in question to access CMS content.

              The Portal only goes as far as protecting the window, but the content inside the window is outside its control and security is managed by the actual application producing the content inside this window. In this case its the CMS Service and proper permissions need to be set on it via the CMS Admin Security console

              Thanks

                • Actions
              • 4. Re: CMSAdminPortlet - Access Denied
                nidhi_hs
                nidhi_hs Jul 30, 2007 2:23 PM (in response to nidhi_hs)

                Thanks a lot for your help. It works just fine and I understand the whole thing better :)

                Regards
                Nidhi

                  • Actions