[jboss-user] [JBoss Portal] - Re: Portlet Security Constraints

PeterJ do-not-reply at jboss.com
Fri Aug 22 17:12:50 EDT 2008

Only permissions to pages and portals can be managed in the *-object.xml file.

Besides, even if it were possible to place instance permissions in *-object.xml, it might not do what you want. Both the portlet-instances.xml and *-object.xml file are used to initialize information about a portlet in the database. After that, all management of the portlet is done via the information in the database. While there is an if-exists tag you can place in those files, its actual behavior is sometimes not what you expect. In your case, I could see both the old and new permissions being resident in the database after the update.

My recommendation is to always set if-exists to "ignore" and once the information has been loaded into the database to use the admin portal to do all management.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4172103#4172103

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4172103

More information about the jboss-user mailing list