Forums

Home » Liferay Portal » English » x. Miscellaneous

Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
quentin giraudon
How to block guest access to /tunnel-web/axis
September 28, 2012 5:28 AM
Answer

quentin giraudon

Rank: New Member

Posts: 11

Join Date: September 19, 2012

Recent Posts

Hello,

In our project, we have to remove guest access from the portal. We used CAS server for the authentication so we added a filter to /* in the web.xml file.
We use the Liferay core Webservices in our application. Few days ago, we saw we can access to http://127.0.0.1:8080/tunnel-web/axis in guest and with logged users....

So my question is how to block the access from that page, in particular for guests users.
And if we can block this page, will the webservices still be accessible ? (with http://test:test@localhost:8080/tunnel-web/secure/axis/Portal_UserService for instance)

thanks !
quentin giraudon
RE: How to block guest access to /tunnel-web/axis
October 5, 2012 5:13 AM
Answer

quentin giraudon

Rank: New Member

Posts: 11

Join Date: September 19, 2012

Recent Posts

Ok, i founded a "solution" for those interested.

In tunnel-web/WEB-INF folder, edit the web.xml file and remove (or comment) every filter-mapping with the url-pattern /axis/*

Then try to access the page http://127.0.0.1/tunnel-web/axis
you should get a tomcat 404 error, not bad emoticon

then, write your own 404 error jsp page and declare it in the web.xml file by adding this :
<error-page>
<error-code>404</error-code>
<location>/errors/ErrorPage.jsp</location>
</error-page>

the folder errors should be created directly inside the tunnel-web folder

then in your custom page, add this :
<body onload="javascript:location.replace('<%= redirect %>')">
where redirect is a String declared to be "/"

So try again access to http://127.0.0.1/tunnel-web/axis, you should be redirected !

In my case, i use CAS Server and i added a filter to all urls (/*) to be treated by cas filter, so with this manipulation, accessing http://127.0.0.1/tunnel-web-axis redirect me directly to the CAS Server login page, exactly what i wanted emoticon

I hope i'll not discover other pages with that kind of guest access by everyone in the portal, feel free to let your comments if you know some ;) or if you know a better solution !

I precise that the web service secure access http://127.0.0.1/tunnel-web/secure/axis/Portal_UserService for instance is still working if you pass a good account in the url
Hitoshi Ozawa
RE: How to block guest access to /tunnel-web/axis
October 7, 2012 8:14 AM
Answer

Hitoshi Ozawa

Rank: Liferay Legend

Posts: 7949

Join Date: March 23, 2010

Recent Posts

quentin. thank you for sharing with us your solution. emoticon