Security Issues In Blogs - Blogs Created By One User Should Not Be Editable By Other Users (Doc ID 1961188.1)

Last updated on FEBRUARY 28, 2019

Applies to:

Oracle WebCenter Portal - Version 11.1.1.7.0 and later
Information in this document applies to any platform.

Goal

Blog Post created by User A (a .htm file in UCM) should only be editable by USER A and not by other users.
In current version of WebCenter Portal any authenticated user can edit the blog post created by USER A.
This is true even after modifying in the resource ID of the blog taskflow as connection_name#dCollectionID:dCollectionId (in JDeveloper).

Per <Document 1484718.1> The Blog TaskFlow does not Show the Create and Edit Capabilities in a Custom Portal Application, the user can edit the blogs, but the requirement is that blogs created by one user should not be editable by other users.

Solution

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

Solution

References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Security Issues In Blogs - Blogs Created By One User Should Not Be Editable By Other Users (Doc ID 1961188.1)

Applies to:

Goal

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!