Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
None
-
None
-
None
-
3.1-SNAPSHOT
JBoss 4.0.5
Description
Scenation:
1. create a page called pageA and publish on public instance
2. on public instance enter URL acl for anonymous role protecting access to the pageA
3. try to access pageA - you will get login prompt
4. on author, rename pageA to pageB and republish
5. try to access pageB and it is unsecured.
pageB is unsecured because anonymous role URL acl didn't "update" page name. It stayed pageA. (i think its because it is not ussing UUID internally but just a string)
Potential side effects can be very serious for public sites.
Workaround:
- don't rename pages once secured

- after renaming pages updated anonymous role URL acl
Checklists
Acceptance criteria
Attachments
Issue Links
- is superseded by
-
MAGNOLIA-1542 roles dialog does not resolve the page after rename
-
- Closed
-