Restrict Access to api/jsonws page for normal users

Alex Man, modified 9 Years ago.

Junior Member Posts: 70 Join Date: 2/8/16 Recent Posts

Can anyone please tell me how we can Restrict Access to Liferay api/jsonws page for normal users. api/jsonws page should be accessible only for admin users.

Do we have any option to do that in Liferay.

Parth Ghiya, modified 9 Years ago.

RE: Restrict Access to api/jsonws page for normal users

Junior Member Posts: 35 Join Date: 7/2/13 Recent Posts

I guess this feature is not in Liferay 6.2 emoticon

jsonws.web.service.api.discoverable=false

Reference : https://issues.liferay.com/browse/LPS-50668

Ashish Tiwari, modified 7 Years ago.

RE: Restrict Access to api/jsonws page for normal users

New Member Post: 1 Join Date: 3/3/15 Recent Posts

Use below GIT commit extracted from the issue # mentioned in the last comment to write an EXT for Liferay 6.2

https://github.com/hhuijser/liferay-portal/compare/b3c56c6ab0...91e24a5106

Hope that helps

Christoph Rabel, modified 7 Years ago.

RE: Restrict Access to api/jsonws page for normal users

Liferay Legend Posts: 1555 Join Date: 9/24/09 Recent Posts

David Nebinger wrote a blog post a while ago about that, but for Liferay 7:

https://community.liferay.com/de/blogs/-/blogs/securing-the-api-jsonws-ui

The general idea should apply to 6.2 too, hooking the jsp and adding a permission check to it.

Community

Company

Feedback

Ask Questions and Find Answers

Important:

Ask is now read-only. You can review any existing questions and answers, but not add anything new.

But - don't panic! While ask is no more, we've replaced it with discuss - the new Liferay Discussion Forum! Read more here here or just visit the site here:

discuss.liferay.com

Restrict Access to api/jsonws page for normal users