You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by robin <ro...@adm-soft.com> on 2011/03/28 10:14:31 UTC
J2 Security Customization: add organization
Hi
i want to add organization for user management, and try to use user, role table created by myself, after search this topic by google, that said i can reimplement SecurityValve, anything else for suggestion? which interfaces i must reimplement?
2011-03-28
Best Regards
Robin Xie
Re: J2 Security Customization: add organization
Posted by Ron Wheeler <rw...@artifact-software.com>.
On 30/03/2011 11:24 PM, robin wrote:
> if config ldap security in jetspeed, need i repulicate user information into jetspeed's database security tables?
>
> 2011-03-31
>
My short answer is yes.
LDAP will deal with authentication but not usually authorization.
Jetspeed needs to know what roles a user has so that it can determine
what pages and what portlets the user gets.
A order entry clerk will not have the same portal functionality as the
VP of Finance even if they both are in the LDAP.
Some one in division A may have a completely different colour scheme and
logo that someone else in division B even if they have the same job
title and both are in the LDAP.
If you want to save some work, the portlets need to be able to ask
Jetspeed what roles a user has in order to know what functions the user
can access and what content the user can see.
You can manage this using your own profiles instead or a combination of
Jetspeed and your own information.
Try to use Jetspeed in a way that avoids duplicate authorization data
which can get out of synch.
Ron
>
> Best Regards
> Robin Xie
>
>
>
> 发件人: Ron Wheeler
> 发送时间: 2011-03-28 22:58:45
> 收件人: jetspeed-user
> 抄送:
> 主题: Re: J2 Security Customization: add organization
>
> On 28/03/2011 4:14 AM, robin wrote:
>> Hi
>>
>> i want to add organization for user management, and try to use user, role table created by myself, after search this topic by google, that said i can reimplement SecurityValve, anything else for suggestion? which interfaces i must reimplement?
>>
>> 2011-03-28
>>
>>
>>
>> Best Regards
>> Robin Xie
>>
> We needed to have our own user profile but we kept the Jetspeed user and
> role and added the additional information is a user table that used the
> same username as a link between the 2 systems.
> When we wanted to add/delete/maintain a role on a user, we did this on
> the Jetspeed side.
> This enabled us to use all the existing Jetspeed functionality that
> depends on roles while having our code in control of the maintenance of
> roles.
> This means no modification of Jetspeed for this purpose.
> We do have some custom pipelines and valves to handle SSO from client
> portals and to do things like get a privacy consent form displayed and
> signed the first time a user logs in.
> If you do not use Jetspeed's roles, then you will have lots of things to
> do to get the right content and portlets on a page if they depend on
> your roles.
> You will lose a lot of the value of Jetspeed and end up recreating a lot
> of its functionality in your code.
> Ron
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: Re: J2 Security Customization: add organization
Posted by robin <ro...@adm-soft.com>.
if config ldap security in jetspeed, need i repulicate user information into jetspeed's database security tables?
2011-03-31
Best Regards
Robin Xie
发件人: Ron Wheeler
发送时间: 2011-03-28 22:58:45
收件人: jetspeed-user
抄送:
主题: Re: J2 Security Customization: add organization
On 28/03/2011 4:14 AM, robin wrote:
> Hi
>
> i want to add organization for user management, and try to use user, role table created by myself, after search this topic by google, that said i can reimplement SecurityValve, anything else for suggestion? which interfaces i must reimplement?
>
> 2011-03-28
>
>
>
> Best Regards
> Robin Xie
>
We needed to have our own user profile but we kept the Jetspeed user and
role and added the additional information is a user table that used the
same username as a link between the 2 systems.
When we wanted to add/delete/maintain a role on a user, we did this on
the Jetspeed side.
This enabled us to use all the existing Jetspeed functionality that
depends on roles while having our code in control of the maintenance of
roles.
This means no modification of Jetspeed for this purpose.
We do have some custom pipelines and valves to handle SSO from client
portals and to do things like get a privacy consent form displayed and
signed the first time a user logs in.
If you do not use Jetspeed's roles, then you will have lots of things to
do to get the right content and portlets on a page if they depend on
your roles.
You will lose a lot of the value of Jetspeed and end up recreating a lot
of its functionality in your code.
Ron
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: J2 Security Customization: add organization
Posted by Ron Wheeler <rw...@artifact-software.com>.
On 28/03/2011 4:14 AM, robin wrote:
> Hi
>
> i want to add organization for user management, and try to use user, role table created by myself, after search this topic by google, that said i can reimplement SecurityValve, anything else for suggestion? which interfaces i must reimplement?
>
> 2011-03-28
>
>
>
> Best Regards
> Robin Xie
>
We needed to have our own user profile but we kept the Jetspeed user and
role and added the additional information is a user table that used the
same username as a link between the 2 systems.
When we wanted to add/delete/maintain a role on a user, we did this on
the Jetspeed side.
This enabled us to use all the existing Jetspeed functionality that
depends on roles while having our code in control of the maintenance of
roles.
This means no modification of Jetspeed for this purpose.
We do have some custom pipelines and valves to handle SSO from client
portals and to do things like get a privacy consent form displayed and
signed the first time a user logs in.
If you do not use Jetspeed's roles, then you will have lots of things to
do to get the right content and portlets on a page if they depend on
your roles.
You will lose a lot of the value of Jetspeed and end up recreating a lot
of its functionality in your code.
Ron
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org