You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by "Ate Douma (JIRA)" <je...@portals.apache.org> on 2008/08/29 12:04:44 UTC
[jira] Commented: (JS2-872) PermissionSecurityHandler for LDAP
[ https://issues.apache.org/jira/browse/JS2-872?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12626923#action_12626923 ]
Ate Douma commented on JS2-872:
-------------------------------
Work for the issues JS2-870, JS2-872 and JS2-873 will commence in the separate security-refactoring branch (branched off the JS2-869 branch).
> PermissionSecurityHandler for LDAP
> ----------------------------------
>
> Key: JS2-872
> URL: https://issues.apache.org/jira/browse/JS2-872
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Security
> Affects Versions: 2.2
> Reporter: Ate Douma
> Assignee: Ate Douma
> Fix For: 2.2
>
> Original Estimate: 72h
> Remaining Estimate: 72h
>
> Right now, Jetspeed only has a database based PermissionManagerImpl.
> In contrast to the other security components for User,Role,Group there is no corresponding PermissionSecurityHandler for abstracting the backend implementation.
> Adding a PermissionSecurityHandler and corresponding DefaultPermissionSecurityHandler (for the database) and a LdapPermissionSecurityHandler
> also requires extending the SecurityMappingHandler interface and delegating the current db access in PermissionManagerImpl to the PermissionSecurityHandler.
> Related to this is the RdbmsPolicy class (name) which really hooks the PermissionManager into the Java security system.
> Although this class is call RdbmsPolicy, actually it has no ties to the database at all, only to the PermissionManager.
> By providing an LDAP backend for the permissions, we can still use the RdbmsPolicy, nevermind its name :)
> But maybe we should rename it to JetspeedPolicy in the future for clarity.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org