roller-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jonathan <>
Subject user/group based access control
Date Mon, 07 Jan 2008 21:52:02 GMT
Is there a recommended way to pursue per-user or group-based access 
permission?  We're currently hooking into our ldap system for login, and 
would like to be able to set up "groups" (not necessarily in ldap) of 
users with access control to view or edit particular blogs.

It seems like this could be done by injecting new user "roles" into the 
database, and then setting a url pattern match in security.xml, but it 
also seems like this is both generally ugly, and liable to cause 
nightmares during future roller upgrades.

Any thoughts or pointers that would minimize both short and long-term 
pain would be most appreciated.


View raw message