Restricting access to a page using security groups

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Logout of staging.vosao.com
2. Open staging.vosao.org/test
3. Login as test@vosao.org:test

What is the expected output? What do you see instead?

Expected an indication that user does not have read rights to page. Or that
the page is 403 or 404.

Instead login dialog indicates there is a JavaScript error.

(May be because the account is already logged in, but has no where to go.)

For both 404 and 403 errors, perhaps we want to include a special error.jsp
page, like login.jsp to present the error.

Returning to the home page for 404 seems confusing. It may be better to
call a 404, a 404. 

* http://www.gazaro.com/404

Original issue reported on code.google.com by ted.husted on 21 Feb 2010 at 2:11

[GoogleCodeExporter]

1. Javascript problem fixed on /login page. (Vosao global namespace added to 
global
js functions calls)
2. You forgot to add test user to test group. Added.
3. Added approved content for page /test

In current implementation if guest user is trying to access protected page then 
he is
redirected to /login page (url configured in site configuration) and after 
successful
login requested secure resource will be shown.

I think it's better behavior then showing 404 or 403.

It works.

Original comment by kinyelo@gmail.com on 21 Feb 2010 at 6:46

[GoogleCodeExporter]

Original comment by kinyelo@gmail.com on 14 Mar 2010 at 4:11

• Changed state: WontFix