[jboss-jira] [JBoss JIRA] Commented: (JBPORTAL-1514) Could not assign selective permissions when securing cms repositories

Sohil Shah (JIRA) jira-events at lists.jboss.org
Thu Jun 28 16:03:59 EDT 2007 

    [ http://jira.jboss.com/jira/browse/JBPORTAL-1514?page=comments#action_12367216 ] 
            
Sohil Shah commented on JBPORTAL-1514:
--------------------------------------

ah ok.

This is fine. "Manage" permission does not control the accessibility of the "Security Console where permissions are specified".

See here for explanation of what actions fall under "Read", 'Write", and "Manage" permissions. http://wiki.jboss.org/wiki/Wiki.jsp?page=CMS_Security

As far as the "Security Console" access goes, its accessible as long as you are in "Admin" role.


So in your usecase:

In Step 3: since you were logged in as a user that belonged to the "Admin" role, you were allowed to access the 'Security Console". So this is expected behavior.


Just a note that you shouldn't force a User into an "Admin" role just to get access to CMS Tool.

The "admin" account shipped with Portal is treated as root for CMS Tool, so if you are logged in with that account, you have root access.

Note: only the "admin" account is treated as root, not any account that has "Admin" role





> Could not assign selective permissions when securing cms repositories
> ---------------------------------------------------------------------
>
>                 Key: JBPORTAL-1514
>                 URL: http://jira.jboss.com/jira/browse/JBPORTAL-1514
>             Project: JBoss Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Portal CMS
>            Reporter: Rajesh Rajasekaran
>         Assigned To: Julien Viet
>             Fix For: 2.6 Final
>
>
> What i am trying to do here:
> 1.Create a new repository and a new user when logged in as admin.
> 2.Secure the cms repository and assign only read permissions to that user on that repository and block write and manage permissions.
> In step 2, the user is totally blocked access to the repository. he is not able to read the repository.
> 3.I gave read and write permissions but blocked manage permissions.
> In step 3, i was able to read and write to the cms repository and also was able to manage (secure permissions).
> Just wanted to check if this is a valid use case and i am doing it right.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list