portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ate Douma" <...@douma.nu>
Subject Re: [J2] RFI: Security implementation (2)
Date Thu, 15 Apr 2004 22:59:48 GMT
David Le Strat wrote:
> Ate,
> 
> I agree with you that this could be an interesting
> feature.  I was not planning on implementing this
> initially.  Be we should be able to incorporate this
> easily though.  Anyone want to take this on?

Great to hear. 
I think the required changes for implementing this could be relatively
small.
Adding a boolean disabled attribute to o.a.j.security.BasePrincipal
would do it (and of course BasePrincipalImpl and the object
model behind it). The LoginModule, UserManager, GroupManager
and RoleManager then can decide on this attribute if the Principal may
be used (in isUserInRole(), isGroupInRole(), etc.)

Maybe I'll can spend some personal time on this in a few weeks time.
If somebody beats me to it, well I won't mind :-)

Ate

> 
> David.
> 
> --- Ate Douma <ate@douma.nu> wrote:
>> One more think I like to know about the (future)
>> security implementation:
>> 
>> I have the requirement to be able to disable a user,
>> a role and/or a group.
>> In J1 a user can be disabled but not a role or a
>> group.
>> I guess disabling users will be supported by J2 to
>> allow migration from J1
>> but what about roles and groups?
>> 
>> It would allow for really advanced access management
>> in J2 without it
>> getting in the way for who doesn't need it (could
>> even be *hidden* through
>> configuration if needed).
>> 
>> To have this standard available in J2 would be very
>> nice, not only for me
>> but I think for most large J2 implementations.
>> Implementation itself would
>> be quite easy and the gain enormous.
>> 
>> Is this something which I may expect to be
>> implemented, must I create a
>> feature request for it first, or will this never be
>> part of the default J2
>> (in which case I will be required to change J2 to be
>> able to implement
>> it).
>> 
>> Regards, Ate
>> 
>> 
> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> jetspeed-dev-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail:
>> jetspeed-dev-help@jakarta.apache.org
>> 
> 
> 
> 
> 
> 
> __________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - File online by April 15th
> http://taxes.yahoo.com/filing.html


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message