> No, in that case you'd indeed better not use that. Of course
> it is a bit odd that anonymous visitors see info which they
> actually may not. So, the most clean solution is that you
> make sure that they indeed may view images, also according to
> the security system itself. I understand that this might be a
> bit tricky, but there are a few ways you can think of (handle
> it in the editors, or in the builder implementation or so).
The images are not served without a session cloud except if they're
available to the anonymous user, so I added the following code to the image
fetching process to try on-the-fly anonymization of the images:
if (! imagen.getContext().equals("imagesmodule")) {
imagen.setContext("imagesmodule");
imagen.commit();
}
This way, only the requested images would become public and the other ones
would still remain private.
Unfortunately, I get the following error:
2004-09-28 17:37:00,966 ERROR
security.implementation.context.ContextAuthorization - the usercontext was
expired
Any clues?
Thanks again.
