Ram,
If you get a chance to try out the 2.1.3-POSTRELEASE branch, that would
be helpful.
How often does this occur? Do you think we could catch this issue after
adding diagnostics to the PageManager component?
Are you editing the PageSecurity information frequently, or is it
generally static?
Randy
ram.sachin2000 wrote:
Randy,
Thanks for the quick reply.
We are using 2.1.3 with psmls stored in database (Database Page Manager)
We are not using profiler to select home pages for different users.
Showing of different home pages to different users based on their roles are
done using the security constraints declared in the page.security (tables
PAGE_SECURITY, PAGE_SEC_CONSTRAINTS_DEF, PAGE_SEC_CONSTRAINTS_REF,
PAGE_SEC_CONSTRAINT_DEF)
We declare both the grant and deny constraints as documented in
http://portals.apache.org/jetspeed-2/guides/guide-security-declarative-psml.html
and we have multiple home pages that sits on the root folder (/). These
different home pages have different security constraints references to both
grant and deny permissions.
Here is the synopsis of what really happened
Periodically users are seeing pages that they are not supposed to see. The
problem tends to correct itself after some time. The constraints are applied
as mentioned above where we are using both grants and denies.
The following is the snippet from the page.security file
<security-constraints-def name="privilege1-grant">
<security-constraint>
<roles>executive_role</roles>
<permissions>view,edit</permissions>
</security-constraint>
</security-constraints-def>
<security-constraints-def name="privilege1-deny">
<security-constraint>
<roles>executive_role</roles>
</security-constraint>
</security-constraints-def>
<security-constraints-def name="privilege2-grant">
<security-constraint>
<roles>employee_role</roles>
<permissions>view,edit</permissions>
</security-constraint>
</security-constraints-def>
<security-constraints-def name="privilege2-deny">
<security-constraint>
<roles>employee_role</roles>
</security-constraint>
</security-constraints-def>
Here is the snippet from a psml which is having deny permission
<security-constraints>
<security-constraints-ref>privilege1-deny</security-constraints-ref>
<security-constraints-ref>privilege2-grant</security-constraints-ref>
</security-constraints>
Let me know if you need any additional information.
I will take a look at 2.1.3-POSTRELEASE branch.
Thanks
Ram
Randy Watler wrote:
Niruparma,
What version are you running and which page manager are you using?
If you are on 2.1.3, there were some issues with the database page
manager cache. This has been refactored to use ehcache and ported back
to 2.1.3-POSTRELEASE. There are also plans to release a 2.1.4 soon.
Also, if you could pass along some detail on your page and profiler
configurations used to select home pages, that might be helpful as well.
Randy
Nirupama Mallavarupu wrote:
Hi,
We have a production deployment of JetSpeed Portal where we have the
security constraints setup in such a way that each user sees the home
page assigned to his/her role, when they login to the portal. However,
under some unknown circumstances ( the client is unable to pinpoint), the
security constraints disappear and everyone is able to see all the home
pages. After about half an hour, the security constraints again kick
back in mysteriously ( in the meantime, the client panics and stops and
restarts the portal, the db servers and everything several times with no
effect.
Any clues or suggestions as to what could be causing the issue ?
Appreciate any help you can provide!
Thanks!
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
