[jboss-dev-forums] [Design of JBoss Portal] - setting security constraint for portal pagess
prijken
do-not-reply at jboss.com
Wed Aug 30 08:32:46 EDT 2006
I have a couple of questions regarding setting security for portal pages:
1)
In my *-object.xml I have the following configuration:
| ...
| <page>
| <page-name>MyPage</page-name>
| ...
| <security-constraint>
| <policy-permission>
| <role-name>User</role-name>
| <action-name>viewrecursive</action-name>
| </policy-permission>
| </security-constraint>
| </page>
| ...
|
I was hoping that with this, I could restrict access to the portal page with URL /portal/..../MyPage. But unfortunately, this does not seem to work.
I have read the JSR000168, and both the Portal reference and user manuals for 2.4.
2) Do security constraint on portlet instances overwrite those of the constraints set for the page?
3) Can I have multiple <policy-permissions> or multiple <security-constraints>? (I could find a scheme for the *-object.xml file.)
4) Is it possible to specify the security-domain for the security constraints set in *-object.xml, i.e. different from the security-domain of the portal?
Many thanks, pieter
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3968354#3968354
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3968354
More information about the jboss-dev-forums
mailing list