PM74420: WCM.PATH.TRAVERSAL.SECURITY DOESN'T WORK FOR MENU COMPONENT

APAR status

• Closed as program error.

Error description

• Setting wcm.path.traversal.security to true in
  WCMConfigService.properties, menu still renders nodes of which
  the whole path are
  not accessed to users.
  

Local fix

• Fix the PAC module.
  

Problem summary

• wcm.path.traversal.security doesn't work for menu component
  
  Setting wcm.path.traversal.security to true in
  WCMConfigService.properties, menu still renders nodes of which
  the whole path are not accessed to users.
  
  Fix the PAC module.
  
  
  
  Setting wcm.path.traversal.security to true in
  WCMConfigService.properties, menu still renders nodes of which
  the whole path are not accessed to users.
  
  1, Create a userA
  2, Create a siteAreaA. Do not give access to userA. Create a
  siteAreaB. Give access to userA.
  3, Create some contentA and contentB under siteAreaA. Give
  access to userA
     Create contentA_B and ContentB_B under siteAreaB. Give access
  to userA
  4, Set wcm.path.traversal.security to true from WAS and restart
  portal
  5, Create a menu rendering siteA and siteB
  
  6, Rendering Menu for userA
  7, Make sure userA only have access to contentA_B and
  ContentB_B
  
  8, Set wcm.path.traversal.security to false  from WAS and
  restart portal
  10, Rendering Menu for userA
  11, Make sure userA only have access to contentA, contentB,
  contentA_B and ContentB_B
  

Problem conclusion

• Take care that situation
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

Fix information

• Fixed component name

  LOTUS WEB CONT

• Fixed component ID

  5724I2900

Applicable component levels

• R700 PSY

     UP

• R800 PSY

     UP