Security Context API (UserInRole) Does Not Work in Webcenter Spaces (Doc ID 1090175.1)

Last updated on FEBRUARY 03, 2017

Applies to:

Oracle WebCenter Portal - Version 11.1.1.1.0 to 11.1.1.2.0 [Release 11g]
Information in this document applies to any platform.
Checked for relevance on 30-Jan-2014

Goal

The security context API "#{securityContext.userInRole} " does not work in Oracle WebCenter Spaces portlet.  As a result portlets can not be hidden or displayed when using this API.

Below are the steps to illustrate the problem:

  1. Login as a user with Administrator rights (weblogic).
  2. Create a new Spaces page.
  3. Add any portlet to the newly-created page.
  4. Open the portlet Properties dialog.
  5. Edit the 'Show Component' attribute and input the expression string:
    #{securityContext.userInRole['RoleName']}
  6. Click 'Test'.


Notice, the expression evaluates to false even though the user is a member of the Role. In essence, the portlet, will not be displayed to this user.
More information about this expression can be found in Oracle Fusion Middleware Fusion Developer's Guide for Oracle Application Development Framework under the section "How to Evaluate Policies Using EL".
Note that the above documentation is only applicable to web applications / custom applications.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms