Randy, Thanks for the quick reply.
We are using 2.1.3 with psmls stored in database (Database Page Manager) We are not using profiler to select home pages for different users. Showing of different home pages to different users based on their roles are done using the security constraints declared in the page.security (tables PAGE_SECURITY, PAGE_SEC_CONSTRAINTS_DEF, PAGE_SEC_CONSTRAINTS_REF, PAGE_SEC_CONSTRAINT_DEF) We declare both the grant and deny constraints as documented in http://portals.apache.org/jetspeed-2/guides/guide-security-declarative-psml.html and we have multiple home pages that sits on the root folder (/). These different home pages have different security constraints references to both grant and deny permissions. Here is the synopsis of what really happened Periodically users are seeing pages that they are not supposed to see. The problem tends to correct itself after some time. The constraints are applied as mentioned above where we are using both grants and denies. The following is the snippet from the page.security file <security-constraints-def name="privilege1-grant"> <security-constraint> <roles>executive_role</roles> <permissions>view,edit</permissions> </security-constraint> </security-constraints-def> <security-constraints-def name="privilege1-deny"> <security-constraint> <roles>executive_role</roles> </security-constraint> </security-constraints-def> <security-constraints-def name="privilege2-grant"> <security-constraint> <roles>employee_role</roles> <permissions>view,edit</permissions> </security-constraint> </security-constraints-def> <security-constraints-def name="privilege2-deny"> <security-constraint> <roles>employee_role</roles> </security-constraint> </security-constraints-def> Here is the snippet from a psml which is having deny permission <security-constraints> <security-constraints-ref>privilege1-deny</security-constraints-ref> <security-constraints-ref>privilege2-grant</security-constraints-ref> </security-constraints> Let me know if you need any additional information. I will take a look at 2.1.3-POSTRELEASE branch. Thanks Ram Randy Watler wrote: > > Niruparma, > > What version are you running and which page manager are you using? > > If you are on 2.1.3, there were some issues with the database page > manager cache. This has been refactored to use ehcache and ported back > to 2.1.3-POSTRELEASE. There are also plans to release a 2.1.4 soon. > > Also, if you could pass along some detail on your page and profiler > configurations used to select home pages, that might be helpful as well. > > Randy > > Nirupama Mallavarupu wrote: >> Hi, >> >> We have a production deployment of JetSpeed Portal where we have the >> security constraints setup in such a way that each user sees the home >> page assigned to his/her role, when they login to the portal. However, >> under some unknown circumstances ( the client is unable to pinpoint), the >> security constraints disappear and everyone is able to see all the home >> pages. After about half an hour, the security constraints again kick >> back in mysteriously ( in the meantime, the client panics and stops and >> restarts the portal, the db servers and everything several times with no >> effect. >> >> Any clues or suggestions as to what could be causing the issue ? >> >> Appreciate any help you can provide! >> >> Thanks! >> >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > -- View this message in context: http://www.nabble.com/Strange-bug-%3A-security-constraints-on-web-pages-disappear-and-come-back-tp22731499p22743813.html Sent from the Jetspeed - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
