You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Werner Punz <we...@gmx.at> on 2002/09/16 15:06:33 UTC
Security problem
Hi
I have a Jetspeed Security related problem. I try to deploy a portlet
which is only accessible by certain users. I therefore added a role
"test" to a testuser which should show the portlet in his page. I also
added following entries to my portlet xreg entry:
<security role="test"/>
<security-ref parent="test-only"/>
With following additional entry in security.xreg:
<security-entry name="test-only">
<meta-info>
<title>Test-only</title>
<description>Full access to users with the test
role.</description>
</meta-info>
<access action="*">
<allow-if role="test"/>
</access>
</security-entry>
The problem is that the role and its permissions don´t seem to be
recognized. I don´t get the proper permissions in my testuser with the
"test" role. Am I missing something?
Kind regards
Werner
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Security problem
Posted by Bui Quoc Thai <st...@ait.ac.th>.
Hi Werner,
Try to use "user" attribute in <allow-if> element in security.xreg, like this:
.....
<access action="*">
<allow-if role="test" user="testuser"/>
</access>
.....
Thai
Quoting Werner Punz <we...@gmx.at>:
> Hi
>
> I have a Jetspeed Security related problem. I try to deploy a portlet
> which is only accessible by certain users. I therefore added a role
> "test" to a testuser which should show the portlet in his page. I also
> added following entries to my portlet xreg entry:
>
> <security role="test"/>
> <security-ref parent="test-only"/>
>
>
> With following additional entry in security.xreg:
>
> <security-entry name="test-only">
> <meta-info>
> <title>Test-only</title>
> <description>Full access to users with the test
> role.</description>
> </meta-info>
> <access action="*">
> <allow-if role="test"/>
> </access>
> </security-entry>
>
>
> The problem is that the role and its permissions don´t seem to be
> recognized. I don´t get the proper permissions in my testuser with the
> "test" role. Am I missing something?
>
>
> Kind regards
>
> Werner
>
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
--------------------------
Email: st027235@ait.ac.th
bqthai@ctu.edu.vn
Room: C34
Tel: 524-7099
----------------------------------------------------------
This mail sent through AIT WebMail : http://www.ait.ac.th/
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>