raphael 2002/11/09 07:37:41
Modified: webapp/WEB-INF/psml/user/admin/html default.psml
webapp/WEB-INF/psml/user/admin/wml default.psml
webapp/WEB-INF/psml/user/turbine/html default.psml
webapp/WEB-INF/psml/user/turbine/wml default.psml
Log:
Fix bug 11956: Security issue. User can access other users pages
Revision Changes Path
1.16 +1 -0
jakarta-jetspeed/webapp/WEB-INF/psml/user/admin/html/default.psml
Index: default.psml
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/psml/user/admin/html/default.psml,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- default.psml 8 Nov 2002 22:12:21 -0000 1.15
+++ default.psml 9 Nov 2002 15:37:40 -0000 1.16
@@ -1,5 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<portlets id='300' xmlns="http://www.apache.org/2000/02/CVS";>
+ <security-ref parent="admin-only"/>
<metainfo>
<title>Default Jetspeed Admin page</title>
</metainfo>
1.4 +1 -0 jakarta-jetspeed/webapp/WEB-INF/psml/user/admin/wml/default.psml
Index: default.psml
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/psml/user/admin/wml/default.psml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- default.psml 23 Jul 2002 00:03:56 -0000 1.3
+++ default.psml 9 Nov 2002 15:37:40 -0000 1.4
@@ -1,5 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<portlets xmlns="http://www.apache.org/2000/02/CVS";>
+ <security-ref parent="admin-only"/>
<controller name="FlowPortletController"/>
<control name="ClearPortletControl"/>
1.21 +1 -0
jakarta-jetspeed/webapp/WEB-INF/psml/user/turbine/html/default.psml
Index: default.psml
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/psml/user/turbine/html/default.psml,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- default.psml 4 Sep 2002 16:09:19 -0000 1.20
+++ default.psml 9 Nov 2002 15:37:40 -0000 1.21
@@ -1,5 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<portlets id="01">
+ <security-ref parent="owner-only"/>
<metainfo>
<title>Default Jetspeed page</title>
</metainfo>
1.6 +1 -0
jakarta-jetspeed/webapp/WEB-INF/psml/user/turbine/wml/default.psml
Index: default.psml
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/psml/user/turbine/wml/default.psml,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- default.psml 23 Jul 2002 00:03:56 -0000 1.5
+++ default.psml 9 Nov 2002 15:37:41 -0000 1.6
@@ -1,5 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<portlets xmlns="http://www.apache.org/2000/02/CVS";>
+ <security-ref parent="owner-only"/>
<controller name="FlowPortletController"/>
<control name="ClearPortletControl"/>
--
To unsubscribe, e-mail: <mailto:jetspeed-dev-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@;jakarta.apache.org>
