All server functions used on a Cúram screen are checked for authorization when the page is initially loaded. If a user fails authorization for any of the server functions, an authorization error message will be displayed and the user will be prevented from viewing the page.
The SECURITY_CHECK_ON_PAGE_LOAD setting in curam-config.xml allows this functionality to be disabled and defers the authorization check to the server. For example, on an edit page that has both DISPLAY and ACTION server interfaces, the user must have authorization rights for the DISPLAY server interfaces at a minimum. If they do not have authorization rights for the ACTION server interfaces, the page will display, but they will get an authorization error message when they submit the page. To disable authorization on page load add the following to the curam-config.xml:
<SECURITY_CHECK_ON_PAGE_LOAD>false</SECURITY_CHECK_ON_PAGE_LOAD>
Please note if the SECURITY_CHECK_ON_PAGE_LOAD element is not specified, it defaults to TRUE.