Configuring the Portlet Container

If the logClientIPOnMalformedRequest initialization parameter is set to true, it will log the address of clients making failed attempts to access the Java portlets (due to malformed URLs).

If the AccessJavaPortletsFromPeopleSoftPortalOnly initialization parameter is set to true, only clients who have their REMOTE_USER setting will be allowed access. By default, all accesses from the user's homepage supply the REMOTE_USER setting.

Note: You can secure all of the Java portlets on your system using J2EE security and role-based permissions within your portlet logic.

The parameter can be found in the PortletContainerServlet definition in the web.xml of the /pspc application.

The following code is the relevant section from the /pspc/WEB-INF/web.xml within the domain:

<servlet>
   <servlet-name>PortletContainerServlet</servlet-name>
   <display-name>PeopleSoft PortletContainer Servlet</display-name>
   <servlet-class>com.peoplesoft.pt.portlet.container.ContainerServlet</servlet-class> 
       <!-- <load-on-startup>0</load-on-startup> -->
   <init-param>
       <param-name>logClientIPOnMalformedRequest</param-name>
       <param-value>true</param-value>
   </init-param>
	  <init-param>
		    <param-name>AccessJavaPortletsFromPeopleSoftPortalOnly</param-name>
		    <param-value>false</param-value>
	  </init-param>
</servlet>