incubator-graffito-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christophe Lombart <christophe.lomb...@gmail.com>
Subject Re: Graffito build for Jetspeed-2 M4-SNAPSHOT
Date Mon, 26 Sep 2005 22:38:22 GMT
On 9/26/05, Randy Watler <watler@wispertel.net> wrote:
> Christophe Lombart wrote:
>
> >Maybe it is a regression. Are you using the subproject
> >'jetspeed2-deploy' to deploy into J2 ? See in this subproject, there
> >are some xml file uses to deploy the application.
> >
> Yes, I am using this project to deploy, albeit modified for M4.
>
> >
> >Let me know if you need help. I don't know if I can access to your
> >modifications somewhere.
> >
> Here is the deal:
>
> The Graffito Browser is adding these objects to the RdbmsPolicy store:
>
> org.apache.portals.graffito.model.pemission.impl.CmsPermissionImpl
>
> While these appear to be correctly specified and stored by the browser,
> the Graffito
> security implementation is creating permission instances of this class
> type and
> sending these to the AccessController.checkPermission():
>
> org.apache.portals.graffito.security.impl.CmsPermissionImpl
>
> See
> components/src/java/org/apache/portals/graffito/security/impl/GraffitoAction.java.
>
> Unless I am missing something, the new permissions will not be seen by
> java security because the class types do not match. Of course, the initial
> setup/deploy has permissions granted to /role/admin using the
> org.apache.portals.graffito.security.impl.CmsPermissionImpl class and
> these work as expected.
>
> Did I miss some configuration that tells the Graffito Browser to use the
> security vs. model implementations?

no

> Am I missing some nuance of java
> security that would allow the model implementations to be read?
>
No (following my limited knowledge of JAAS)
Tomorow, I will review the code.
What's the behavior with J2 M3 ?

Mime
View raw message