portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pau...@apache.org
Subject cvs commit: jakarta-jetspeed/proposals Security.txt
Date Tue, 04 Jun 2002 12:12:23 GMT
paulsp      2002/06/04 05:12:23

  Modified:    proposals Security.txt
  Log:
  Renamed security-entry attribute id to name.  The entry is now consistant
  when other registry entries in the registry.
  
  Revision  Changes    Path
  1.5       +11 -8     jakarta-jetspeed/proposals/Security.txt
  
  Index: Security.txt
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/proposals/Security.txt,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- Security.txt	28 May 2002 23:04:55 -0000	1.4
  +++ Security.txt	4 Jun 2002 12:12:22 -0000	1.5
  @@ -1,5 +1,5 @@
   Jetspeed Proposal: Portal Security 1.4
  -LAST MODIFIED: $Date: 2002/05/28 23:04:55 $
  +LAST MODIFIED: $Date: 2002/06/04 12:12:22 $
   AUTHOR:  taylor@apache.org, paulsp@apache.org
   STATUS:  
   
  @@ -27,7 +27,7 @@
   An original goal was to base this service on the Java Security Architecture and JAAS standards.
   We have since decided to scale back this proposal and to implement a simple security service
that is
   not tied to any optional Java packages. JAAS is only a part of the JDK starting with version
1.4. 
  -In the spirit of Jetspeed's easy installation and deployment, a security system  with minimal
configuration
  +In the spirit of Jetspeed's easy installation and deployment, a security system with minimal
configuration
   is the best starting point for a default implementation.
   
   After the default implementation is completed, we hope to soon have interest in creating
both LDAP and JAAS solutions.
  @@ -197,7 +197,7 @@
   3. Authorization
   4. Security Entity Maintenance
   
  -The security service implementation can  be conformant on two levels:
  +The security service implementation can be conformant on two levels:
   
   1. Level One Conformant - implements required interfaces
   2. Level Two Conformant - implements all interfaces
  @@ -360,6 +360,7 @@
   3.    The permission tag dropped
   
   An authorization constraint is defined as a security element in either a PSML element or
in a Registry. 
  +
   Constraints are applied to Portlet Resources. The types of resources that may have security
constraints are:
   
   1.    Portlet entries in the Registry
  @@ -424,7 +425,7 @@
   
   Attributes
   
  -1.    id (required)
  +1.    name (required)
   
   Elements
   
  @@ -476,7 +477,7 @@
   Example:
   -----------------------------------------
   
  -<security-entry id='pigInAPoke7'>
  +<security-entry name='pigInAPoke7'>
     <access action="view">
       <allow-if role="clerk">
       <allow-if role="manager">
  @@ -498,10 +499,12 @@
   3. Use its own policy or other repository 
   4. Dynamically load and check constraints from the Jetspeed Security Registry
   
  -These master constraints can be referenced by security constraints in PSML or other registry
entries. 
  +These master constraints can be referenced by security constraints in PSML or 
  +other registry entries. 
   
  -When implementing your own Jetspeed Security, entry ids can be used with external, centralized
policy managers. 
  -The id can be used to uniquely reference a security constraint in an external security
policy.
  +When implementing your own Jetspeed Security, entry ids can be used with 
  +external, centralized policy managers.  The name can be used to uniquely 
  +reference a security constraint in an external security policy.
   
   
   --------------------------------------
  
  
  

--
To unsubscribe, e-mail:   <mailto:jetspeed-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@jakarta.apache.org>


Mime
View raw message