Return-Path: Delivered-To: apmail-portals-jetspeed-user-archive@www.apache.org Received: (qmail 92149 invoked from network); 3 Apr 2008 04:47:10 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 3 Apr 2008 04:47:10 -0000 Received: (qmail 24834 invoked by uid 500); 3 Apr 2008 04:47:08 -0000 Delivered-To: apmail-portals-jetspeed-user-archive@portals.apache.org Received: (qmail 24799 invoked by uid 500); 3 Apr 2008 04:47:07 -0000 Mailing-List: contact jetspeed-user-help@portals.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Jetspeed Users List" Delivered-To: mailing list jetspeed-user@portals.apache.org Received: (qmail 24784 invoked by uid 99); 3 Apr 2008 04:47:07 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Apr 2008 21:47:07 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of strickla@gmail.com designates 66.249.82.238 as permitted sender) Received: from [66.249.82.238] (HELO wx-out-0506.google.com) (66.249.82.238) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 03 Apr 2008 04:46:26 +0000 Received: by wx-out-0506.google.com with SMTP id i28so3387871wxd.20 for ; Wed, 02 Apr 2008 21:46:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=EO1oEEgA2mFFshtCpF+Ml3WZMfD0R0bBk88cDOyeHXY=; b=P9EW8BiskK4BTIiHc/lHij91/f9UN67ur2dRqe9RApZBhiUCXlJIxMAb9WjtHC7stmQZltF+GyCDc+EqjFnezhJlF/W8c6W8cOZe9mZyWaQgUO31vExmNJJYxMoUqFgqEb3F99NTRCB+K0VVRdBAkaMfV6my80NliaKeWz+OJ7Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=K7ZObsPTgpQlN8aZpwdvFPxIPN8lpaqXXQiYx07CeVpMXxajBO5xFXsgNNan5d9+O83QdUB7OuoicxDebpxMlPZxQX4SoyFt+XtjI1HT0p0a363/mJ0hasJxxgUsuviwgOwQ8kFsdWC+lcSowjXfnhUmfkz38a71hMxNYrW/aOs= Received: by 10.142.89.9 with SMTP id m9mr6689628wfb.116.1207197997383; Wed, 02 Apr 2008 21:46:37 -0700 (PDT) Received: by 10.143.123.1 with HTTP; Wed, 2 Apr 2008 21:46:37 -0700 (PDT) Message-ID: <94cd6be60804022146u2fc48fe8s74b649e1aaa2841e@mail.gmail.com> Date: Thu, 3 Apr 2008 00:46:37 -0400 From: "Andrew Strickland" To: "Jetspeed Users List" Subject: Re: CategoryPortletSelector, Search, and Roles In-Reply-To: <9BD118D4-1AB4-47C5-920A-16C0A5E688E2@bluesunrise.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_1221_7538768.1207197997379" References: <94cd6be60804011126w5966444he958484c31e85079@mail.gmail.com> <9BD118D4-1AB4-47C5-920A-16C0A5E688E2@bluesunrise.com> X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_1221_7538768.1207197997379 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline So I guess my user was an "admin" then? I don't remember giving myself that priviledge but I'll have to check what roles and permissions our user creation (registration) portlet is doing. We've replaced the default login portlet with one of our own that uses CAC cards to register the user and then we pull their attributes from an LDAP store when they log in. We're running Jetspeed 2.1.3. What I did was make everything I didn't want to show up in the CategoryPortletSelector (including the j2-admin login portlets) have a js:security-constraint-ref of "devmgr". And that works...but now we have a forked j2-admin portlet application. What I was thinking of doing was adding a dependency in our portlet application to the j2-admin WAR. Could we then selectively override individual files (like jetspeed-portlet.xml) w/o having to modify the source of the j2-admin war? This would prevent a fork and lots of headaches for us during upgrading to each new Jetspeed release. On Wed, Apr 2, 2008 at 12:59 PM, David Sean Taylor wrote: > > On Apr 1, 2008, at 11:26 AM, Andrew Strickland wrote: > > > Hi, > > > > I want to exclude all of the admin portlets from j2-admin from > > showing up > > in the CategoryPortletSelector so that regular users (e.g. non admin > > users) > > that search for a portlet do not see them in the search results. > > What is > > the best way to do this? I noticed that the UserBrowser portlet > > does not > > show up under any of the categories, even when logged in as the > > "admin" > > user. By what mechanism is this accomplished and is this the same > > way that > > we would exclude the other admin portlets? How does the user's > > roles play > > in here? > > > > Most admin portlet should already be excluded from the category > portlet selector > What version of Jetspeed-2 are you using ? > Portlets are filtered by role, and all j2-admin portlets should > require the admin role, as specified in the jetspeed-portlet.xml for > the j2-admin app: > > admin > > Some of the j2-admin portlets need to be selectable by non-admin > users, such as the login portlet: > > > LoginPortlet > public-view constraint-ref> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org > For additional commands, e-mail: jetspeed-user-help@portals.apache.org > > ------=_Part_1221_7538768.1207197997379--