A
alank@daitangroup.com
Guest
Hi, So say I have Portal A that gives access to Portal User Object A, and similarly with Portal B. Now, if I try to Login to Portal B using Object A credentials, it won't work - as expected. However, if I have both portal links available to the users, a user from Portal A can login to Portal A, and without loging out , click the link to Portal B, without losing his authentication . So this means that a Portal A user can go around Portal B freely, which is highly undesirable for us. I have tried blocking out User A's visibility by limiting the views set on Portal B and vice-versa, but some views and permissions are open to all Portal Users, so there's no way to limit this. It seems like the Portals should not behave this way, and might potentially be of security risk for us. Is there anything we can do to stop this?
Continue reading...
Continue reading...