portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Sean Taylor (JIRA)" <jetspeed-...@portals.apache.org>
Subject [jira] Resolved: (JS2-645) Portlet Security Constraints
Date Thu, 15 Feb 2007 18:15:05 GMT

     [ https://issues.apache.org/jira/browse/JS2-645?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

David Sean Taylor resolved JS2-645.
-----------------------------------

    Resolution: Fixed

I have been testing this feature for a few weeks now. 

> Portlet Security Constraints
> ----------------------------
>
>                 Key: JS2-645
>                 URL: https://issues.apache.org/jira/browse/JS2-645
>             Project: Jetspeed 2
>          Issue Type: New Feature
>          Components: Security
>    Affects Versions: 2.1-dev
>            Reporter: David Sean Taylor
>         Assigned To: David Sean Taylor
>             Fix For: 2.1-dev
>
>
> Implement declarative portlet security constraints ("Security at the portlet level")
feature. 
> In Jetspeed 2.0, you can only define security permissions for a portlet. You cannot define
security constraints for a portlet.
> The portal will hold a direct relationship between a portlet and a security-constraint-definition.
> Security Constraints are not Java Security Permissions, but a  Jetspeed specific way
of securing portlets, also known as PSML constraints.
> See the <i>page.security</i> file for examples of defining security constraint
definitions.
> If a Jetspeed Security Constraint is not defined for a portlet, the constraint applied
will then fallback to the constraint defined for the portlet application.
> If the portlet application does not define a constraint, then no security constraints
will be applied to this portlet. 
> Security constraints for a portlet are normally checking during the render process of
a portlet and will be applied to all pipelines.
> The constraints will be defined in the jetspeed-portlet.xml deployment descriptor, holding
a named security constraint references
> Example:
> jetspeed-portlet.xml:
> <portlet-app id="demo" version="1.0"
> ...
>    <security-ref>public-edit</security-ref>
> ...
>  <portlet>
>         <portlet-name>PickANumberPortlet</portlet-name>
>         <security-ref>public-edit</security-ref>
> </portlet>

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message