Troubleshoot and support > Access control problems
Troubleshoot: Missing resource-level policy for a command
A controller command, that does resource level access control checking, was extended without adding the resource-level access control policy for the new command
Problem: A controller command, that does resource level access control checking, was extended without adding the resource-level access control policy for the new command
Indication: An application error is displayed. In the trace.log file indicates failure on the resource-level policy check as shown in the following example:
PolicyManagerImpl.isAllowed isAllowed? User=510; Action=com.xyz.MyOrderItemAddCmd; Resource=com.ibm.commerce.order.objects._Order_Stub;; Owner=2002; Resource Ancestor Orgs=2002,-2001; Resource Applicable Orgs=2002 ... PolicyManagerImpl.isAllowed PASSED? =false
Solution:
- Load a new action and associate it with the action groups of the underlying WebSphere Commerce command. Refer to Access control implications when a controller command is extended.
Related tasks
Modify access control on existing WebSphere Commerce resources
Related reference
Sample: Access control policies for development purposes