I'm trying to determine if using the Custom Start page within a role negates the 'whitelist' within a Resource Profile.
For example, Custom Start Page: https://abc.xyz.com is defined. Will defining https://abc.xyz.com:443/webpage/* within the Web Access Control Auto Policy (Resource Profile) restrict access to only pages starting with https://abc.xyz.com:443/webpage/* or does defining the Custom Start page URL allow access to ALL URLs using that root regardless of what is in the Resource Profile?
Note that https://abc.xyz.com:443/* is NOT defined in the Web Access Control Auto Policy. We are able to get to all links within the webpage, but are trying to limit access to certain links within the page using the auto policy which isn't working.
Any guidance is greatly appreciated. Thanks much!
Have you enabled the "Also allow access to directories below this url_" option under the User Roles > (Role Name) > General > UI Options under the "Start Page" section?
I believe you should see this behaviour (of you being able to browse all resources at https://abc.xyz.com:443/*_) only if you have this option enabled. Else, it should restrict you to just https://abc.xyz.com:443/
Thanks for responding! Yes, we do have the 'allow access to directories below this URL' checked. I should have mentioned that in my original post.
Wasn't sure exactly what that 'tick box' did...whether it allowed the root URL and lower directories initially and the Resource Policy was enfored or whether it over-rides the Resource Policy all together.
We're going to do some testing to see if the behavior is the same when we untick the 'allow access to directories below this URL' box. Will post findings.
Thanks for your input.
yup, it allows everything under the URL you have defined.
the ACLs are matched in a top-down form; however, since i don't believe there is one created that allows for moving, this i think will take precedence.