portals-jetspeed-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Watler <wat...@wispertel.net>
Subject Re: access control in jetspeed2 and integration with Spring?s ACEGI security access framework
Date Fri, 13 Jan 2006 05:03:04 GMT
On Thu, 2006-01-12 at 20:31 -0800, Tiwari, Sunil Kumar wrote:
> Hi,
> 
> I was looking into the access control in jetspeed2 and I noticed that it uses JAAS Authorization
to provide this.
> This link is useful for this: http://portals.apache.org/jetspeed-2/multiproject/jetspeed-security/atz-jaas.html
> 
> I have some questions here:
> 
> 1) Can we define more customized roles like privileged users apart from the existing
roles like user, manager, admin etc?
Yes. Roles are defined and configured using the role management admin
portlet.

> 2) I think portlet level access control is not provided. Correct me if I am wrong. If
I create a simple user then he doesnt have  edit options neither at page level nor  at
>    portlet level where as a user as an admin has all. What if I dont want the user to
have edit option for the page but for some of the portlets on the page?
>    How can it be achieved?
- Portlet level access can be controlled by the isUserInRole() JSR-168
API within the portlet itself.
- Portlets visible in the customizer portlet selector are configured via
PortletPermissions.
- Page Fragments visibility can be further constrained using security
constraints on the individual Fragments. Edit permissions for Fragments
are currently inherited by the Page.
So, I do not think what you are asking for is currently supported. There
is an open JIRA issue on the current limitations... feel free to add
your requirements to the comments:

https://issues.apache.org/jira/browse/JS2-354


> 3) How to integrate Spring’s ACEGI security access framework with jetspeed2?
Not sure. David Taylor looked into ACEGI some time ago, but I dont
recall what the outcome was. As usual, try searching the lists :-).

> 
> Thanks in advance,
> -Sunil
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org


Mime
View raw message