[jboss-user] [JBoss Portal] - PageCustomizerInterceptor not restricting tabs based on role
jgilbert
do-not-reply at jboss.com
Sat Apr 28 16:06:44 EDT 2007
Looking at the PageCustomizerInterceptor class it performs security checks before rendering tabs but it does not seem to be working. JACCPortalAuthorizationManager is always returning true for checkPermission.
I'm fairly certain that I have setup my security constraints properly in my *-object.xml file because when i click on a tab i get the right security message.
Any ideas what is going wrong?
| <security-constraint>
| <policy-permission>
| <role-name>MyRole</role-name>
| <action-name>view</action-name>
| <action-name>viewrecursive</action-name>
| <action-name>personalizerecursive</action-name>
| </policy-permission>
| </security-constraint>
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4041658#4041658
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4041658
More information about the jboss-user
mailing list