Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
1 reply Latest Post - ‏2014-02-26T05:16:18Z by nitesh.agrawal
ameynandedkar
ameynandedkar
1 Post
ACCEPTED ANSWER

Pinned topic Apply ACL to Virtual Junction childs

‏2014-02-20T01:32:59Z |

Hello,

I have a simple requirement of allowing a few URLs on a virtual junction with a passthrough and restrict others by a SAM login page. I have added the junction and then created object space mappings within the TAM sever (via Web Portal Manager) and applied the respective ACLs on the created Objects. But the ACLs on the child objects in this virtual junction only behave as per the main ACL on the junction and therefore have no effect. Can you please guide as to where I am making the error?

=== @junction_name                     --> Default WebSEAL (ACL)

=======URL1 [Created as /<websealname>/@<virtualjunction>/<URLdir>]               --> Default WebSEAL (ACL)

=======URL2 [Created as /<websealname>/@<virtualjunction>/<URLdir>]               --> Default Passthrough (ACL with Unauthenticated as T-r-x)

In this case accessing the junction's virtual host with /URL1 and /URL2 both result in the SAM logon page to be displayed. If I set junction's ACL to passthrough, then the URL1 too becomes passthrough.

 

Thanks,

Amey

  • nitesh.agrawal
    nitesh.agrawal
    5 Posts
    ACCEPTED ANSWER

    Re: Apply ACL to Virtual Junction childs

    ‏2014-02-26T05:16:18Z  in response to ameynandedkar

    Hi Amey,

    We have implemented similar scenario in our environment as well. What we are doing is we have allowed anonymous access to our website but whenever they are trying to access any of the restricted pages like emails/internal blogs/forum etc. they have been forced to login before they can access it.

    What we did is like we have created a acl with user access as "TcmdbsvaBRl" and group access as "Tgmdbsrxl" along with "Unauthenticated Tr" and "Any-other Tr" setting. Then apply this acl to the root of the junction. Then create another acl for restricted access and wherever you want restricted access simply override the URI with restricted acl.

    Cheers,

    Nitesh