JBoss Portal SVN: r7184 - docs/trunk/referenceGuide/en/modules. - portal-commits

Thursday, 3 May 2007

Author: thomas.heute(a)jboss.com
Date: 2007-05-03 12:04:19 -0400 (Thu, 03 May 2007)
New Revision: 7184

Modified:
   docs/trunk/referenceGuide/en/modules/security.xml
Log:
Tried to explain how to restrict access to a page from default portal configuration.

Modified: docs/trunk/referenceGuide/en/modules/security.xml
===================================================================

--- docs/trunk/referenceGuide/en/modules/security.xml	2007-05-03 16:01:40 UTC (rev 7183)
+++ docs/trunk/referenceGuide/en/modules/security.xml	2007-05-03 16:04:19 UTC (rev 7184)
@@ -56,8 +56,8 @@
    </deployment>
 </deployments>]]></programlisting>
       </para>
-      <para>
-         A security constraint on an object (our example above, secures a specific portal
page), is explained as:
+      <para>The based principle of the security mechanism is that everything is
restricted unless you grant privileges.
+         You grant privilege on a portal node by adding a security constraint as
explained here:
          <para>
             <programlisting><![CDATA[
 <security-constraint>
@@ -66,6 +66,9 @@
       <action-name>viewrecursive</action-name>
    </policy-permission>
 </security-constraint>]]></programlisting>
+            The example above will grant the view privilege to anyone (unchecked role) to
the current object and any
+            child object recursively.</para>
+         <para>
             The security contraint portion is worth taking a look at, in an isolated
fashion. It allows you to
             secure a specific window/page/portal-instance based on a user's role.
          </para>
@@ -103,6 +106,13 @@
                </listitem>
             </itemizedlist>
          </para>
+         <note>
+            <title>Restricting access</title>
+            <para>Out of the box the default portal as a viewrecursive right for
all the users, it means that whenever a page
+            is added, this page will be seen by any user. To restrict access to this
page, the default portal security constraint
+            must be changed from viewrecursive to view, and viewrecursive security
constraints must be added to its children
+            so that they can be viewed except the one you want to restrict access
to.</para>
+         </note>
          We provide three live samples of this descriptor, here
          <xref linkend="desc_instancesxml"/>
          ,


    

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

JBoss Portal SVN: r7184 - docs/trunk/referenceGuide/en/modules.