Support to Suppress Post New Thread, Reply Only to Logged in Authorized Users (Doc ID 1377029.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle WebCenter - Version: 11.1.1.4.0 and later   [Release: 11g and later ]
Information in this document applies to any platform.

Symptoms


Users who do not have privilege to Create Thread or Create Message do have the Post New Thread and Reply links.
When they click on those links, they get a new authentication challenge, although they are already authenticated.

Steps to reproduce
===================
1. As a WebCenter Discussion Administrator login to Discussion Admin Console

2. Go to Content -> Category Summary

3. Create a new Forum

4. Click on Permissions for the forum

5. Set it up in the following way:

Anyone: Read Forum
Registered Users: Read Forum, Rate Message, Vote in Poll
administrators: All privileges

6. Access to the forum as anonymous who should only have read permission

Notice that both the Post New Thread and Reply links are displayed, although the user does not have access to any of them

7. Click on Reply or Post New Thread, and notice that the login screen is displayed this may be ok, depending on customer's preference.

8. When logging in as a non-admin user who also only has read permission, it just re-throws the login page, although the user successfully logged in. This is wrong!

9. When viewing the forums with the non-admin user, then again, both the Post New Thread and Reply links are shown. This is wrong, as the user has no permission to do any of those.

10. When clicking on any of those links then again, a login screen is displayed, which is again wrong, as the user is already logged in.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms