portals-jetspeed-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Strickland" <stric...@gmail.com>
Subject Re: CategoryPortletSelector, Search, and Roles
Date Thu, 03 Apr 2008 04:46:37 GMT
So I guess my user was an "admin" then?  I don't remember giving myself that
priviledge but I'll have to check what roles and permissions our user
creation (registration) portlet is doing.  We've replaced the default login
portlet with one of our own that uses CAC cards to register the user and
then we pull their attributes from an LDAP store when they log in.

We're running Jetspeed 2.1.3.

What I did was make everything I didn't want to show up in the
CategoryPortletSelector (including the j2-admin login portlets) have a
js:security-constraint-ref of "devmgr".  And that works...but now we have a
forked j2-admin portlet application.  What I was thinking of doing was
adding a dependency in our portlet application to the j2-admin WAR.  Could
we then selectively override individual files (like jetspeed-portlet.xml)
w/o having to modify the source of the j2-admin war?  This would prevent a
fork and lots of headaches for us during upgrading to each new Jetspeed

On Wed, Apr 2, 2008 at 12:59 PM, David Sean Taylor <david@bluesunrise.com>

> On Apr 1, 2008, at 11:26 AM, Andrew Strickland wrote:
> > Hi,
> >
> >   I want to exclude all of the admin portlets from j2-admin from
> > showing up
> > in the CategoryPortletSelector so that regular users (e.g. non admin
> > users)
> > that search for a portlet do not see them in the search results.
> > What is
> > the best way to do this?  I noticed that the UserBrowser portlet
> > does not
> > show up under any of the categories, even when logged in as the
> > "admin"
> > user.  By what mechanism is this accomplished and is this the same
> > way that
> > we would exclude the other admin portlets?  How does the user's
> > roles play
> > in here?
> >
> Most admin portlet should already be excluded from the category
> portlet selector
> What version of Jetspeed-2 are you using ?
> Portlets are filtered by role, and all j2-admin portlets should
> require the admin role, as specified in the jetspeed-portlet.xml for
> the j2-admin app:
>    <js:security-constraint-ref>admin</js:security-constraint-ref>
> Some of the j2-admin portlets need to be selectable by non-admin
> users, such as the login portlet:
>     <portlet>
>         <portlet-name>LoginPortlet</portlet-name>
>         <js:security-constraint-ref>public-view</js:security-
> constraint-ref>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message