Role access control not working ? !!

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.
This thread is closed to new posts. You must sign in to post in the forums.
8/23/2015 11:57:57 AM
lived
Gravatar
Total Posts 50
View Posts

Role access control not working ? !!

Dear All, 

Any one facing roles access control not working problems? 

Currently i have a situation, i have 4 menu in the system, i set 2 of the menu access by worker role , admin role can access 4 or the menu. 

but when i log out from the admin role, and log in using the worker role, eventually i can access 4 of the menu like admin access . 

Is that a bug in mojo ? 

The version i am using is mojoPortal Version 2.4.0.4 MSSQL . will this access right problem cause by reverse proxy ? 

Please help 

 

thanks 

8/23/2015 12:02:13 PM
lived
Gravatar
Total Posts 50
View Posts

Re: Role access control not working ? !!

For this situation , is rather a bit rare cause i use mojo for long time, it doesnt happen but no in very frequent . What is the cause of this ? anyone facing same problem b4 ? 

8/23/2015 12:30:12 PM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Role access control not working ? !!

menus do not enforce any security, they do hide links if the user is not in an allowed view role but that is all they do.

the page itself enforces security if a user tries to access an url for a page that is protected by roles that user is not a member of.

I am not aware of any bugs in this functionality.

possibly with a proxy server if it does any caching it could return a page with an unfiltered menu that was cached by a user who has permission

You must sign in to post in the forums. This thread is closed to new posts.