Raising security exception "Billing Payroll Manager Role Required"

There is a session timeout pop up, which has two options continue and logout, on click of logout it is raising an security exception "Billing Payroll Manager Role Required" and rendering the screen "Invalid Permissions" instead of logging out and showing login screen. Even the screen is granted with the role Billing Payroll Manger. 

Hi Nishant,

What permissions do you need to see your timeout popup? Is it set to Anonymous? What about the logout button? Does it just log you out? Where does it redirect you to?

Afonso Carvalho wrote:

Hi Nishant,

What permissions do you need to see your timeout popup? Is it set to Anonymous? What about the logout button? Does it just log you out? Where does it redirect you to?


Hi Afonso,


I am using a web block for this session timeout thing, with public property set to No. On click of logout button, actually it is not logging out. It redirects to Invalid Permissions Screen. When i checked with debugger then i found that it is raising the security exception "Billing Payroll Manager Role Required".

What about the permissions of the screen that implements your timeout webblock?

"it is raising an security exception "Billing Payroll Manager Role Required" and rendering the screen "Invalid Permissions" instead of logging out and showing login screen. Even the screen is granted with the role Billing Payroll Manger. "


Your second sentence agrees with your first.

You get the message "Billing Payroll Manager Role Required"

And the screen is granted with the role Billing manager.


If you want the screen to show even if you don't have that role, you should grant it to registered or anonymous (not recomended).


When is the security exception raised? In your code or when accessing/redirecting to a screen? 

Afonso Carvalho wrote:

What about the permissions of the screen that implements your timeout webblock?

You can see in the attached screenshot.


Stefano Valente wrote:

"it is raising an security exception "Billing Payroll Manager Role Required" and rendering the screen "Invalid Permissions" instead of logging out and showing login screen. Even the screen is granted with the role Billing Payroll Manger. "


Your second sentence agrees with your first.

You get the message "Billing Payroll Manager Role Required"

And the screen is granted with the role Billing manager.


If you want the screen to show even if you don't have that role, you should grant it to registered or anonymous (not recomended).


When is the security exception raised? In your code or when accessing/redirecting to a screen? 

it is granted with registered.

this exception occurs when i am accessing the screen i.e when i click the logout button then it renders the invalid permissions screen due to this exception.


And what are the permissions in your login screen?

They should be set to anonymous.

Stefano Valente wrote:

And what are the permissions in your login screen?

They should be set to anonymous.

yes, it is set to anonymous, you can see here


Nishant Pareek wrote:

You can see in the attached screenshot.

When do Users see your timeout popup? Have they already lost their session and are now Anonymous? If this is the case, make sure both ends of your timeout flow (the popup and the Login screen) are set to Anonymous.

Afonso Carvalho wrote:

Nishant Pareek wrote:

You can see in the attached screenshot.

When do Users see your timeout popup? Have they already lost their session and are now Anonymous? If this is the case, make sure both ends of your timeout flow (the popup and the Login screen) are set to Anonymous.

yes when they lost their session. login screen is already set to anonymous. that web block of session timeout pop up has public property set to No for now. should i set that public property to Yes?


public or private is not the issue imho.

I am almost out of options. It seems your error is not the obvious mistake (which is good ;) .

If i had this error i would make (temporarily) make alle forms accessible for everyrole (including anonymous) and see where it goes. Then you know which screen gives the error.


Just to be sure: You do not raise an userexception in your code anywhere?

But you posted that the Screen that implements the webblock is not set to Anonymous. :)

It's not the Login screen that implements your webblock, right? Whichever screen implements your webblock just needs that Anonymous flag checked.

Afonso Carvalho wrote:

But you posted that the Screen that implements the webblock is not set to Anonymous. :)

It's not the Login screen that implements your webblock, right? Whichever screen implements your webblock just needs that Anonymous flag checked.

yes, login screen is not implementing that. there are 6 screens that implements that web block. as you said, i tried by setting Anonymous flag checked but that didn't work.


can you share your oml?



Stefano Valente wrote:

can you share your oml?




sorry, i can't ..