Affects Version/s: 6.1.1 CE GA2
Environment:GlassFish Server Open Source Edition 22.214.171.124 (build 5)
MySQL Server Version: 5.1.61-0+squeeze1-log
Steps to reproduce:
- create user U (user is no member to any usergroup or organization)
- make sure no role is assigned to U which means she should be just managed with implicit regular role "User"
- remove the permission "General > Go to Control Panel, scope Portal" from role "User"
- login as U
- click on the linked username in the upper right corner (besides Sign Out) which should lead to "Manage My Account"
=> an Not Found error is displayed (The requested resource was not found) [screenshot attached]
Just little information in the corresponding logs:
INFO [PortalImpl:4873] Current URL /en/group/control_panel/manage?p_p_auth=Ya8YLd7s&p_p_id=2&p_p_lifecycle=0&p_p_state=maximized&p_p_mode=view&doAsGroupId=10180&refererPlid=10784&_2_struts_action=%2Fmy_account%2Fedit_user generates exception: User 11024 is not allowed to access the private pages of group 10172
INFO [PortalImpl:4890] User 11024 is not allowed to access the private pages of group 10172