[jboss-jira] [JBoss JIRA] Commented: (JBPORTAL-1733) CMS admin role hardcoded somewhere
Tobias Roth (JIRA)
jira-events at lists.jboss.org
Wed Oct 10 05:45:03 EDT 2007
[ http://jira.jboss.com/jira/browse/JBPORTAL-1733?page=comments#action_12381366 ]
Tobias Roth commented on JBPORTAL-1733:
---------------------------------------
I just created JBPORTAL-1740. Sorry, didn't see this one.
> CMS admin role hardcoded somewhere
> ----------------------------------
>
> Key: JBPORTAL-1733
> URL: http://jira.jboss.com/jira/browse/JBPORTAL-1733
> Project: JBoss Portal
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Portal CMS
> Affects Versions: 2.6.2 Final
> Environment: Any
> Reporter: Luc Boudreau
> Assigned To: Sohil Shah
> Fix For: 2.6.3 Final
>
>
> - Modify platform to use another admin role name
> - Create user with new admin role and old Admin role
> - Change security on root node of CMS and make the new role the manager
> - Change the user's roles by removing the old Admin role
> - Try to manage the root node : Access Denided
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list