[
http://jira.magnolia-cms.com/browse/MAGNOLIA-1645?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=29476#action_29476
]
Sean McMains commented on MAGNOLIA-1645:
----------------------------------------
Isn't this just a specific case of the general issue in MAGNOLIA-1542?
> Renaming the secured page (in anonymours role's URL acl) does not update URL
> acl definition
> --------------------------------------------------------------------------------------------
>
> Key: MAGNOLIA-1645
> URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-1645
> Project: Magnolia
> Issue Type: Bug
> Environment: 3.1-SNAPSHOT
> JBoss 4.0.5
> Reporter: Amir Mistric
> Assignee: Boris Kraft
>
> Scenation:
> 1. create a page called pageA and publish on public instance
> 2. on public instance enter URL acl for anonymous role protecting access to
> the pageA
> 3. try to access pageA - you will get login prompt
> 4. on author, rename pageA to pageB and republish
> 5. try to access pageB and it is unsecured.
> pageB is unsecured because anonymous role URL acl didn't "update" page name.
> It stayed pageA. (i think its because it is not ussing UUID internally but
> just a string)
> Potential side effects can be very serious for public sites.
> Workaround:
> - don't rename pages once secured ;)
> - after renaming pages updated anonymous role URL acl
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
