I am trying to change the portlet security on some portlets by creating a new security constraint definition and associating it with a portlet definition.
The updatePageSecurity method (*** below) throws the unchecked exception SecurityException. I assume the reason for this is to force the code to first check if a user has "admin" permissions. My question is how can I validate that the user trying to set this security constraint has permission to do it beforehand? This is the code I have, exception thrown on *** PageManager pageManager = (PageManager) portletContext.getAttribute(CommonPortletServices.CPS_PAGE_MANAGER_COMPO NENT); PageSecurity pageSecurity = pageManager.getPageSecurity(); SecurityConstraintsDef def = pageManager.newSecurityConstraintsDef(); (set some attributes in def like constraint name, roles, permissions) pageSecurity.getSecurityConstraintsDefs().add(def); pageSecurity.setSecurityConstraintsDefs(pageSecurity.getSecurityConstrai ntsDefs()); *** pageManager.updatePageSecurity(pageSecurity); *** (get the portlet definition and call setJetspeedSecurityConstraint with the constraint name from above) Thanks. Ruben Carvalho --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
