Anonymous user want access to an iview of the portal
I have a problem with the security in portal. The fact is I want an anonymous user access to an iView. For that I do it :
- I created an iView with visual composer which call an alias of a java web service declared in system administration,
- I add an anonymous user group in the permission properties (End user is checked) of the iView
- I add an anonymous user group in the permission properties (End user is checked) of web service alias
When i execute iView with a direct URL, I can see the iView but I can execute an action which call an web service alias. When I look at defaultTrace.trc in Log Viewer (Visual Administrator), I have this message :
com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: com.sap.visualcomposer.vcbroker - user: Guest,
This iView works fine with an logged user. Could you tell me if I forget something when I give permission to an anonymous user ?
Sorry for my english _
Bharath Chowdary replied
See sap Note # 985983
An anonymous portal user is trying to run a Visual Composer Flash iView but discovers that this activity is not possible.
Reason and Prerequisites
The action of running a Visual Composer Flash iView activates a direct Portal component; when run by an anonymous user it exposes the backend systems to non secure activities.
No workaround is available as the workaround will expose the security described issue.