[jboss-user] [JBoss Portal] - JBoss 2.6 CMS Security Issue

david.hoffman do-not-reply at jboss.com
Wed Aug 8 14:18:30 EDT 2007


I am using jboss-portal-2.6.1.GA using builtin database, auth module, and CMS capabilities.

When I have a window assigned to a region on a page, pointed to CMS content "XYZ", and I have CMS content "XYZ" security set such that the user I am logging into the portal with does not have access to that piece of content, the following shows up inside the context of the window associated with that content:


  | Access Denied
  | You are not allowed to access the following resource - /default/Common/ServiceAdvisories/default.htm
  | 

The desired behavior would be for the window to simply disappear and not be available to the user.  

In previous versions, we could define multiple instances of the CMS Content Portlet and by setting the permissions on the instance, the window associated with that instance would simply disappear if the user did not have access to it.

Given that "CHANGE IS GOOD", and I don't want to go back to a previous version, how can I achieve the same effect as I was able to achieve previously while still leveraging the latest and greatest CMS functionality and not going off and developing my own JSR 168 porlet.

Because of the way my UI is designed, even being able to make that message (above) be a blank space would solve my problem.

Thank you in advance for any assistance you may be able to offer in this regard.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4072142#4072142

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4072142



More information about the jboss-user mailing list