Liferayは6年連続でGartner Magic Quadrantのリーダーに。 詳細はこちら
The Proposals Wiki has been deprecated in favor of creating Feature Requests in JIRA. If you wish to propose a new idea for a feature, visit the Community Ideas Dashboard and read the Feature Requests Wiki page for more information about submitting your proposal.
« FrontPage に戻る

Feeds and authentication

From the Jira Issue: Before Liferay 5.2.x you could access Message Board RSS feeds (and other) from a private page without authentication. Since 5.2.x you must authenticate for accessing such a feed. Instead of using HTTP (Basic) Authentication, you must use the form-based auth (or OpenID, CAS-SSO,..)

That is very annoying, because common feed readers only know to authenticate by using HTTP Authentication. And the is a property in where you can set the non auth paths "auth.public.paths". If this property is there and "/message_boards/rss" in included in this property, there should be no authentication required for feeds.

So what is the point? Either the entries in "auth.public.paths" are respected with no exceptions, or feeds should be accessible by using HTTP (Basic) Authentication, if a feed is from a Message Board in a private community.

What about OpenID, CAS-SSO and other Single Sign-On systems? They should also be supported, otherwise the access to RSS feeds might be broken again, if you use any kind of SSO

0 添付ファイル
23025 参照数
平均 (2 投票)
コメント 作成者 日時
Would like to recommend adding PKI Authentication. Krista M Leopold 2009/11/24 7:30
One solution is posted in Jira... Tobias Käfer 2009/12/08 3:38
Thanks Tobias, I'll try your solution. Hope... Lari Tuominen 2010/02/25 2:21

Would like to recommend adding PKI Authentication.
投稿日時:09/11/24 7:30
One solution is posted in Jira
This covers only wiki, blog and message-board feeds.

It does not cover the activities portlet, since this one uses a URL that is cannot be filter in servlet containers, since you cannot create something like this:
投稿日時:09/12/08 3:38
Thanks Tobias, I'll try your solution. Hope this will be fixed soon.
Tobias S. Käferへのコメント。投稿日時:10/02/25 2:21