Can anyone please tell me how we can Restrict Access to Liferay api/jsonws page for normal users. api/jsonws page should be accessible only for admin users.
Do we have any option to do that in Liferay.
Can anyone please help me on this
I guess this feature is not in Liferay 6.2 :(
jsonws.web.service.api.discoverable=false
Reference : https://issues.liferay.com/browse/LPS-50668
Options which i am aware about you can do in 6.2
Write your logic there //write specific pattern
<servlet-filter>
<servlet-filter-name>ServiceAccessPage</servlet-filter-name>
<servlet-filter-impl>com.check.access.ServiceAccessPage</servlet-filter-impl>
<init-param>
<param-name>initparam</param-name>
<param-value>Hi IP Address Filter</param-value>
</init-param>
</servlet-filter>
<servlet-filter-mapping>
<servlet-filter-name>ServiceAccessPage</servlet-filter-name>
<url-pattern>/api/jsonws</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</servlet-filter-mapping>
inside ServiceAccessPage.java
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws java.io.IOException, ServletException {
//get user & Redirect to session.setAttribute(WebKeys.LAST_PATH, redirectionFailPath);
logger.info("DoFilter method being called");
}
[This will be called before every every action :(]
Get user from request, & Manage Landing page accordingly.
write one property to turn off/on page & Override JSONWebServiceServlet