You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by shikari shambu <sh...@hotmail.com> on 2009/12/08 16:31:04 UTC
Leveraging Jetspeed security tables to secure access to external
resources
Hi,
I have a solution that uses Jetspeed with Alfresco ECM. Rather than create users and access permissions in both places I plan to access Alfresco content from Jetspeed through a service account and implement the authorization checks on the front end - in Jetspeed portal. I would like to see if there is a way to leverage the Jetspeed security tables to achieve this.
Essentially, I have document types and sub types. Specific roles have specific permissions on document type (in which case they have the same permission on all sub types) or they have defined permissions on the sub type. All documents related to a document type are stored in a folder/ space in Alfresco.
I am toying with the idea of using the security_permission table and create document management specific entries
PERMISSION_ID PERMISSION_TYPE NAME ACTIONS
XXX document /doctype view, edit
YYY document /doctype/subtype view, edit
Is this a valid/ good approach? Or, is there a better way to extend jetspeed security to support access to external resources?
TIA
_________________________________________________________________
Windows Live Hotmail gives you a free,exclusive gift.
http://www.microsoft.com/windows/windowslive/hotmail_bl1/hotmail_bl1.aspx?ocid=PID23879::T:WLMTAGL:ON:WL:en-ww:WM_IMHM_7:092009