Home » Liferay Portal » English » 3. Development

Combination View Flat View Tree View
Threads [ Previous | Next ]
shravan manda
Edit Preferences Bug
May 7, 2008 1:00 PM

shravan manda

Rank: Junior Member

Posts: 44

Join Date: October 5, 2006

Recent Posts

Hello All,
I have noticed that a guest user(i.e., user who is not logged in) can reach portlet edit preferences area if they can guess the URL. I dont know if this a bug or not but it's dangerous. For example check out the weather portlet or mail portlet which are built in portlets but you can reach the preferences page by guessing the URL.

The edit configuration section seems to be well protected but I am not able to use it with a hot deployed portlet. I really appreciate if somebody can tell me how to use edit configuration area for hot deployed portlets or ways of securing edit preferences section. Thanks in advance

Shravan Manda

Participate in the State of Liferay Community 2017. Help the community and even win some prizes!