Hi,
As far as I know, you'd better give permission to see the page just to
"guest" user (so anyone who is not identified as "guest" is banned to
see the page).
Try to add this code at the end of your "psml" page:
<!-- security constraints -->
<security-constraints>
<security-constraint>
<users>guest</users>
<permissions>view</permissions>
</security-constraint>
</security-constraints>
Don't inherit any constraint from "page.security"...
Anyway, if you want to deny access to a specific user (if I'm not wrong
:S ), you only have to add a security constraint without permissions at
the very beginning of security constraints list... just like this:
<security-constraint>
<users>username1</users>
</security-constraint>
<security-constraint>
<roles>manager</roles>
<permissions>view, edit</permissions>
</security-constraint>
(You can apply these security constraints to roles as well.)
That way, user identified as "username1" has access denied, even though
he has role "manager".
Hope that helps.
Regards,
Enrique
Nikko Gaerlan escribió:
hi list
DENIES
A deny security constraint is declared with one or more security
principals;
with no associated permissions. Deny constraints prohibit access to
the page
or folder for the given list of principals. Note that deny constraints
must
be listed before grant constraints.
it is written in
http://portals.apache.org/jetspeed-2/guides/guide-security-declarative-psml.html
but how?
i would like to have a page that only guests or anonymous users are
able to
see..
thanks..
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
