-
place the plugin into generate mode:
security-manager-enabled=generate
-
with no other policy rules in place, the policy for the app will behave as if PACL is enabled (performing expected checks)
-
however, rather than throwing an error on failed security checks, causing the plugin to fail, the individual checker which caused the failuer will contribute a suggested rule which resolves the failed check
-
the rules will be collected and writen (on the fly) to a properties file
-
the default write location is:
${liferay.home}/pacl-policy/${servletContextName}.policy