Hi, I am using jboss portal 2.4.0-Beta1 with Jboss4.0.4GA and MySql5.0
I am trying to add security-constraint to a portlet, but it is not getting reflected. The security-constrating to a page, however is working fine. I tried adding security-contraint to a Window, PortletInstance and a Portlet but none of them is working. for Portlet window, I tried something like this in myPortal-object.xml file and deployed the war, but everyone is able to access the portlet. | <deployment> | <parent-ref>default.Dashboard2</parent-ref> | <if-exists>overwrite</if-exists> | <window> | <window-name>ScheduledInterviewsWindow2</window-name> | <instance-ref>KNXScheduledInterviewsInstance2</instance-ref> | <default>true</default> | <region>center</region> | <height>0</height> | <security-constraint> | <policy-permission> | <role-name>Admin</role-name> | <action-name>view</action-name> | </policy-permission> | </security-constraint> | </window> | </deployment> | I even tried it for the portlet, by adding the security-constraint in jboss-portlet.xml file | <portlet> | <portlet-name>ScheduledInterviewsPortlet2</portlet-name> | <security></security> | <security-constraint> | <policy-permission> | <role-name>Admin</role-name> | <action-name>view</action-name> | </policy-permission> | </security-constraint> | </portlet> | Even the security for portlet-instance is also not working. In myPortal-objext.xml | | <deployment> | <if-exists>overwrite</if-exists> | <instance> | <instance-name> | KNXScheduledInterviewsInstance2 | </instance-name> | <component-ref> | KenexaDashboard2.ScheduledInterviewsPortlet2 | </component-ref> | <security-constraint> | <policy-permission> | <role-name>Admin</role-name> | <action-name>view</action-name> | </policy-permission> | </security-constraint> | </instance> | </deployment> | | In Portlet-Instances.xml | | <instance> | <instance-id>KNXScheduledInterviewsInstance2</instance-id> | <portlet-ref>ScheduledInterviewsPortlet2</portlet-ref> | <security-constraint> | <policy-permission> | <role-name>Admin</role-name> | <action-name>view</action-name> | </policy-permission> | </security-constraint> | </instance> I even changed the window_access_denied propery in cong/config.xml from show to hide <entry key="core.render.window_access_denied">hide</entry> Am I missing anything else? I even tried to do it from the management console but that didn't work either. Any help would be greatly appreciated. Thanks & Regards, Bhupesh. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959856#3959856 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959856 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
