portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Deepak Kaimal <dkai...@trestlellc.com>
Subject RE: Jetspeed Authorization
Date Fri, 21 Aug 2009 02:02:46 GMT
Would you like help with this? If so, where do I start?

-----Original Message-----
From: David Sean Taylor [mailto:d.taylor@onehippo.com] 
Sent: Wednesday, August 19, 2009 4:35 PM
To: Jetspeed Developers List
Subject: Re: Jetspeed Authorization


On Aug 19, 2009, at 2:15 PM, Deepak Kaimal wrote:

> David,
> Thank you for your response and I hope you enjoyed your vacation, I  
> am sure it was well earned.
>
> My aim was to create a Policy Enforcement Point (PEP) for J2 with  
> the OpenSSO server acting as the PDP and PAP. As we progressed, we  
> realized that the authorization components are distributed within  
> the J2 codebase and because of the different kinds of authorization  
> modes supported, it is not easy to pull just that component out.
>
> We have decided that letting J2 manage authorization internally is  
> probably more robust and performance optimized since there is no  
> easy and manageable way to plugin a new authorization system.
>
> Overall, I am now of the belief that authentication can be  
> centralized, but authorization is best handled natively.
>
OK... yes, we have the Java Security Policy based checks as well as  
Security Constraints. I still like the idea of having a central  
security accessor service as the dependency to all other services  
requiring high level authorization checks. I am considering creating a  
JIRA issue to complete this work, although Im quite busy right now  
coming, especially after returning from vacation :) and not sure when  
I can get to it

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message