I went through the documentation on setting up multiple security rules
but I am still having a problem. If you look at the rule below, I
only want users with the role of Seller to be able to access
SelfService. However, if I log in as a buyer I am still able to access
it. I'm not sure what I'm doing wrong here.
<rules>
<rule>
<whitelist>lot\..*,security\..*,main\..*,general\..*,tag
\..*,content\..*,feed\..*,survey\..*,company\..*,civicArena\..*</
<securelist></securelist>
<roles>Buyer,Seller</roles>
<permissions></permissions>
<redirect>security.Login</redirect>
</rule>
<rule>
<whitelist></whitelist>
<securelist>^selfservice</securelist>
<roles>Seller</roles>
<permissions></permissions>
<redirect>security.Login</redirect>
</rule>
</rules>