Hi,
As far as I can understand from documentation
(http://portals.apache.org/jetspeed-2/guides/guide-security-declarative-
psml.html), its possible to apply some restrictions to fragments inside
a psml page just by writing a list of security constraints in the
fragment definition.
In order to try this feature, Ive made a testing psml page accessible
just for users with role=manager. Inside it, there is a portlet whose
access is supposed to be denied for user jetspeed (though user
jetspeed has the manager role):
<page>
<fragment id="hidd-p-03" type="portlet"
name="j2-admin::UserDetailsPortlet">
<property name="row" value="1"/>
<property name="column" value="1"/>
<security-constraints>
<security-constraint>
<users>jetspeed</users>
</security-constraint>
</security-constraints>
</fragment>
<security-constraints>
<security-constraints-ref>level-0b</security-constraints-ref>
</security-constraints>
</page>
where level-0b is defined in page.security:
<security-constraints-def name="level-0b">
<security-constraint>
<users>admin</users>
</security-constraint>
<security-constraint>
<roles>manager</roles>
<permissions>view</permissions>
</security-constraint>
</security-constraints-def>
Can anyone tell me what Im doing wrong? Did anyone try this before?
Thanks in advance,
Enrique
