Troubleshoot and support > Access control problems


Troubleshoot: Missing policy for a new view

A new view is missing an access control policy.

Problem: Added a new view without an accompanying policy.

Indication: An application error is displayed. In the trace.log file the SiteAdminCanDoEverything policy is logged, but the user is not a Site Administrator.

WC_ACCESSCONT PolicyManagerlmpl.isAllowed isAllowed? User=123; Action=MyNewView; 
       
Resource=com.ibm.commerce.command.HttpForwardViewCommandlmpl; Owner=-2001; 
        Resource Ancestor Orgs=-2001,-2001; Resource Applicable
Orgs=-2001

WC_ACCESSCONT PolicyManagerlmpl.isAllowed Found PolicyName: 
        
SiteAdministractorsCanDoEverything; PolicyType: 2; PolicyOwner:-2001

WC_ACCESSCONT PolicyManagerlmpl.getPolicyApplicableOrgs Policy
Applicable Orgs=-2001

WC_ACCESSCONT PolicyManagerlmpl.evaluatePolicy Evaluating
PolicyName: 
        
SiteAdministratorsCanDoEverything

WC_ACCESSCONT d PolicyManagerlmpl.isAllowed PASSED?=false

Solution:

  1. Create a policy for the view. Refer to Adding a new view using existing policies for an example.

  2. Load the policy using the acpload utility.

  3. Update the Registry.


Related concepts

Understand access control


Related tasks

Implement access control


+

Search Tips   |   Advanced Search