You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by Tomba Rakesh <to...@yahoo.com> on 2005/06/08 08:59:14 UTC
Jetspeed2 Security
Hi All,
Could someone help us how to start working on Jetspeed2 security. I have gone through tutorial of previous version, file structure and deployment style are totally different.
Thanks in advance.
Rakesh
---------------------------------
Discover Yahoo!
Find restaurants, movies, travel & more fun for the weekend. Check it out!
Re: Jetspeed2 Security
Posted by Randy Watler <wa...@wispertel.net>.
Amit,
You can define named <security-constraint-def/> types in the
WEB-INF/pages/page.security file and use these to control access to
folders and pages in the site.
These definitions can include user, role, and group specifications. See
the demo site.
So, perhaps you can find a way to model your needs with these? Let me
know if you think you need to expand this mechanism to make it work in
your case.
Randy
Shah Amit wrote:
> Hi David,
>
> Thanks for your response.
>
> But I think it is still kind of insufficient for my situation. I dont
> know if that is the case for the originator of this thread, but I will
> explain my situation --
>
> I have a few customers with companies say A, B, C.
> I want to have some permissions - P,Q,R,W,X, Y, Z
> I want to create some "high level groups" of permissions -
> J -> has P, Q, R
> G -> has X, Y, Z
> I -> has Q, Y, Z
>
> Now I want to assign these "high level groups" of permissions to
> companies -
> A -> has J
> B -> has G
> C -> has I
>
> And then, a user simply belongs to a company.
> Joe -> Company A
> John -> Company B
> Smith -> Company C
>
> Thanks,
> Amit
>
>
> ----Original Message Follows----
> From: David Sean Taylor <da...@bluesunrise.com>
> Reply-To: "Jetspeed Developers List" <je...@portals.apache.org>
> To: Jetspeed Developers List <je...@portals.apache.org>
> Subject: Re: Jetspeed2 Security
> Date: Fri, 10 Jun 2005 10:50:08 -0700
>
> Shah Amit wrote:
>
>> I have the exact same problem !!! I think with J2, roles and groups
>> are just 2 interchangeable ways of catagorizing users. I tried to
>> find a link between those, but I couldn't. Finally I ended up
>> designing my system accordingly atleast for now.
>>
>> I just check for roles in my system, and treat roles as "actual
>> permissions".
>>
> Im not sure if I understand the question.
> So please be patient with me if Im totally off target here.
> It won't be the first time!
>
> Do you want to "link" or associate, roles with groups. Is that correct?
>
> In the database schema, there is the SECURITY_GROUP_ROLE table:
>
> <table name="SECURITY_GROUP_ROLE">
> <column name="GROUP_ID" primaryKey="true" required="true"
> type="INTEGER"/>
> <column name="ROLE_ID" primaryKey="true" required="true"
> type="INTEGER"/>
> <foreign-key foreignTable="SECURITY_PRINCIPAL"
> onDelete="cascade">
> <reference foreign="PRINCIPAL_ID" local="GROUP_ID"/>
> </foreign-key>
> <foreign-key foreignTable="SECURITY_PRINCIPAL"
> onDelete="cascade">
> <reference foreign="PRINCIPAL_ID" local="ROLE_ID"/>
> </foreign-key>
> </table>
>
> In the API, there is:
>
> o.a.j.security.RoleManager:
>
> Collection getRolesInGroup(String groupFullPathName) throws
> SecurityException;
> void addRoleToGroup(String roleFullPathName, String
> groupFullPathName) throws SecurityException;
> void removeRoleFromGroup(String roleFullPathName, String
> groupFullPathName) throws SecurityException;
> boolean isGroupInRole(String groupFullPathName, String
> roleFullPathName) throws SecurityException;
> ....
>
> o.a.j.security.GroupManager:
>
> Collection getGroupsInRole(String roleFullPathName) throws
> SecurityException;
>
> hth,
>
> --
> David Sean Taylor
> Bluesunrise Software
> david@bluesunrise.com
> [office] +01 707 773-4646
> [mobile] +01 707 529 9194
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
JS2-255 Proposal
Posted by David Le Strat <dl...@yahoo.com>.
All,
I have a fix for
http://issues.apache.org/jira/browse/JS2-255 ready. I
am proposing to rename the column "VALUE" to
"COLUMN_VALUE".
Regards,
David Le Strat.
________________________
David Le Strat
Blogging @ http://dlsthoughts.blogspot.com
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
Re: Jetspeed2 Security
Posted by Tomba Rakesh <to...@yahoo.com>.
Hi to all,
Using latest version of jetspeed "jetspeed-current-Tomcat-5.5.9.zip", we could add only users to "Role" but the gui does not provide for adding groups to "Role".
Is it possible to add groups to "Role"? If so, how to add (using gui or other ways)?
Hi Randy,
Thanks for clarifying my doubt....
Could you please tell me the steps for portlet permission. I tried on
"portlet.xml" and "web.xml", but it does not work.
Any related link may also helps us.
Regards
Rakesh
Randy Watler <wa...@wispertel.net> wrote:
Rakesh,
>WEB-INF/pages/page.security is actually usefull, so that specific user
could be assign to view, edit the page. My understanding so far
regarding "page.security" is that, user can view the page,
"adding/removing/change position" portlets to the page. So "page.security" is the security
applies to all pages, please correct me if I am wrong.
>
The "page.security" and related PSML tags operate
on the page level and control "view" and "edit" permssions for the
page,
not portlet permissions.
>
>But I would like to protect the portlets individually.
>How to assign permissions to a particular portlet "p1" so that the
specified users (u1, u2) and groups (g1, g2) can access it.
>
As mentioned by David Le Strat on this thread, take a look at the
portlet standard declarative security. In general, this level of
security is considered more a portlet responsibility than something a
portal should implement. However, over time I suspect that the two
concerns will develop a tighter interface.
Randy
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Re: Jetspeed2 Security
Posted by Tomba Rakesh <to...@yahoo.com>.
Hi Randy
Thanks for clarifying my doubt....
Could you please tell me the steps for portlet permission. I tried on "portlet.xml" and "web.xml", but it does not work.
Any related link may also helps us.
Regards
Rakesh
Randy Watler <wa...@wispertel.net> wrote:
Rakesh,
>WEB-INF/pages/page.security is actually usefull, so that specific user could be assign to view, edit the page. My understanding so far regarding "page.security" is that, user can view the page, "adding/removing/change position" portlets to the page. So "page.security" is the security applies to all pages, please correct me if I am wrong.
>
The "page.security" and related PSML tags operate
on the page level and control "view" and "edit" permssions for the page,
not portlet permissions.
>
>But I would like to protect the portlets individually.
>How to assign permissions to a particular portlet "p1" so that the specified users (u1, u2) and groups (g1, g2) can access it.
>
As mentioned by David Le Strat on this thread, take a look at the
portlet standard declarative security. In general, this level of
security is considered more a portlet responsibility than something a
portal should implement. However, over time I suspect that the two
concerns will develop a tighter interface.
Randy
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
---------------------------------
Discover Yahoo!
Stay in touch with email, IM, photo sharing & more. Check it out!
Re: Jetspeed2 Security
Posted by Randy Watler <wa...@wispertel.net>.
Rakesh,
>WEB-INF/pages/page.security is actually usefull, so that specific user could be assign to view, edit the page. My understanding so far regarding "page.security" is that, user can view the page, "adding/removing/change position" portlets to the page. So "page.security" is the security applies to all pages, please correct me if I am wrong.
>
The "page.security" and related PSML <security-contraints> tags operate
on the page level and control "view" and "edit" permssions for the page,
not portlet permissions.
>
>But I would like to protect the portlets individually.
>How to assign permissions to a particular portlet "p1" so that the specified users (u1, u2) and groups (g1, g2) can access it.
>
As mentioned by David Le Strat on this thread, take a look at the
portlet standard declarative security. In general, this level of
security is considered more a portlet responsibility than something a
portal should implement. However, over time I suspect that the two
concerns will develop a tighter interface.
Randy
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
Re: Jetspeed2 Security
Posted by Tomba Rakesh <to...@yahoo.com>.
Thanks everyone for your valuable solutions.
WEB-INF/pages/page.security is actually usefull, so that specific user could be assign to view, edit the page. My understanding so far regarding "page.security" is that, user can view the page, "adding/removing/change position" portlets to the page. So "page.security" is the security applies to all pages, please correct me if I am wrong.
But I would like to protect the portlets individually.
How to assign permissions to a particular portlet "p1" so that the specified users (u1, u2) and groups (g1, g2) can access it.
Assuming various Permissions for specific portlet "p1" as
1. View Portlet
2. Edit Portlets
3. Help
4. Minimized Portlets
5. Maximized Portlets
6. Can add "p1" to a page
7. Can remove "p1" from a page.
8. etc.
Regards
Rakesh
Shah Amit <am...@hotmail.com> wrote:
Hi David,
Looks like that does answer my question. However, in my portlet, based on
the user who has logged on, I want to check if he has permission X, Y, or Z
etc. and based on that, I enable and disable some components, load them
differently etc.
Is that doable ?? Can X, Y, Z be anything other than the standard "view,
maximize, minimize" etc. permissions of portlet ?? Also, how would I access
those permissions from my action classes? (I use struts bridge)
Following is the mapping just for reference ...
Role J
P, Q, R
Role G
X, Y, Z
Thanks everyone for your helps !!
Amit
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Re: Jetspeed2 Security
Posted by Shah Amit <am...@hotmail.com>.
Hi David,
Looks like that does answer my question. However, in my portlet, based on
the user who has logged on, I want to check if he has permission X, Y, or Z
etc. and based on that, I enable and disable some components, load them
differently etc.
Is that doable ?? Can X, Y, Z be anything other than the standard "view,
maximize, minimize" etc. permissions of portlet ?? Also, how would I access
those permissions from my action classes? (I use struts bridge)
Following is the mapping just for reference ...
<security-constraint>
<roles>Role J</roles>
<permissions>P, Q, R</permissions>
</security-constraint>
<security-constraint>
<roles>Role G</roles>
<permissions>X, Y, Z</permissions>
</security-constraint>
Thanks everyone for your helps !!
Amit
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
Re: Jetspeed2 Security
Posted by David Le Strat <dl...@yahoo.com>.
Amit,
I may be totally off base but I think that what you
are trying to do can easily be supported. See below.
Regards,
David Le Strat.
--- Shah Amit <am...@hotmail.com> wrote:
> Hi David,
>
> Thanks for your response.
>
> But I think it is still kind of insufficient for my
> situation. I dont know
> if that is the case for the originator of this
> thread, but I will explain my
> situation --
To do what you are trying to do, you will need to
leverage declarative security. There is no portlet UI
currently supporting this (the permission part).
Companies A, B, C would map to Group A, B, C
> I have a few customers with companies say A, B, C.
> I want to have some permissions - P,Q,R,W,X, Y, Z
> I want to create some "high level groups" of
> permissions -
> J -> has P, Q, R
> G -> has X, Y, Z
> I -> has Q, Y, Z
J, G, I would map to Role J, G, I
where
<security-constraint>
<roles>Role J</roles>
<permissions>P, Q, R</permissions>
</security-constraint>
<security-constraint>
<roles>Role G</roles>
<permissions>X, Y, Z</permissions>
</security-constraint>
etc...
>
> Now I want to assign these "high level groups" of
> permissions to companies -
> A -> has J
> B -> has G
> C -> has I
So now Group A has Role J
Group B has Role G, etc.
>
> And then, a user simply belongs to a company.
> Joe -> Company A
> John -> Company B
> Smith -> Company C
And finally Joe is in Company A.
Hope this helps.
>
> Thanks,
> Amit
>
>
> ----Original Message Follows----
> From: David Sean Taylor <da...@bluesunrise.com>
> Reply-To: "Jetspeed Developers List"
> <je...@portals.apache.org>
> To: Jetspeed Developers List
> <je...@portals.apache.org>
> Subject: Re: Jetspeed2 Security
> Date: Fri, 10 Jun 2005 10:50:08 -0700
>
> Shah Amit wrote:
> >I have the exact same problem !!! I think with J2,
> roles and groups are
> >just 2 interchangeable ways of catagorizing users.
> I tried to find a link
> >between those, but I couldn't. Finally I ended up
> designing my system
> >accordingly atleast for now.
> >
> >I just check for roles in my system, and treat
> roles as "actual
> >permissions".
> >
> Im not sure if I understand the question.
> So please be patient with me if Im totally off
> target here.
> It won't be the first time!
>
> Do you want to "link" or associate, roles with
> groups. Is that correct?
>
> In the database schema, there is the
> SECURITY_GROUP_ROLE table:
>
> <table name="SECURITY_GROUP_ROLE">
> <column name="GROUP_ID" primaryKey="true"
> required="true"
> type="INTEGER"/>
> <column name="ROLE_ID" primaryKey="true"
> required="true"
> type="INTEGER"/>
> <foreign-key
> foreignTable="SECURITY_PRINCIPAL"
> onDelete="cascade">
> <reference foreign="PRINCIPAL_ID"
> local="GROUP_ID"/>
> </foreign-key>
> <foreign-key
> foreignTable="SECURITY_PRINCIPAL"
> onDelete="cascade">
> <reference foreign="PRINCIPAL_ID"
> local="ROLE_ID"/>
> </foreign-key>
> </table>
>
> In the API, there is:
>
> o.a.j.security.RoleManager:
>
> Collection getRolesInGroup(String
> groupFullPathName) throws
> SecurityException;
> void addRoleToGroup(String roleFullPathName,
> String groupFullPathName)
> throws SecurityException;
> void removeRoleFromGroup(String
> roleFullPathName, String
> groupFullPathName) throws SecurityException;
> boolean isGroupInRole(String groupFullPathName,
> String
> roleFullPathName) throws SecurityException;
> ....
>
> o.a.j.security.GroupManager:
>
> Collection getGroupsInRole(String
> roleFullPathName) throws
> SecurityException;
>
> hth,
>
> --
> David Sean Taylor
> Bluesunrise Software
> david@bluesunrise.com
> [office] +01 707 773-4646
> [mobile] +01 707 529 9194
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail:
> jetspeed-dev-help@portals.apache.org
>
>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail:
> jetspeed-dev-help@portals.apache.org
>
>
__________________________________
Discover Yahoo!
Stay in touch with email, IM, photo sharing and more. Check it out!
http://discover.yahoo.com/stayintouch.html
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
Re: Jetspeed2 Security
Posted by Shah Amit <am...@hotmail.com>.
Hi David,
Thanks for your response.
But I think it is still kind of insufficient for my situation. I dont know
if that is the case for the originator of this thread, but I will explain my
situation --
I have a few customers with companies say A, B, C.
I want to have some permissions - P,Q,R,W,X, Y, Z
I want to create some "high level groups" of permissions -
J -> has P, Q, R
G -> has X, Y, Z
I -> has Q, Y, Z
Now I want to assign these "high level groups" of permissions to companies -
A -> has J
B -> has G
C -> has I
And then, a user simply belongs to a company.
Joe -> Company A
John -> Company B
Smith -> Company C
Thanks,
Amit
----Original Message Follows----
From: David Sean Taylor <da...@bluesunrise.com>
Reply-To: "Jetspeed Developers List" <je...@portals.apache.org>
To: Jetspeed Developers List <je...@portals.apache.org>
Subject: Re: Jetspeed2 Security
Date: Fri, 10 Jun 2005 10:50:08 -0700
Shah Amit wrote:
>I have the exact same problem !!! I think with J2, roles and groups are
>just 2 interchangeable ways of catagorizing users. I tried to find a link
>between those, but I couldn't. Finally I ended up designing my system
>accordingly atleast for now.
>
>I just check for roles in my system, and treat roles as "actual
>permissions".
>
Im not sure if I understand the question.
So please be patient with me if Im totally off target here.
It won't be the first time!
Do you want to "link" or associate, roles with groups. Is that correct?
In the database schema, there is the SECURITY_GROUP_ROLE table:
<table name="SECURITY_GROUP_ROLE">
<column name="GROUP_ID" primaryKey="true" required="true"
type="INTEGER"/>
<column name="ROLE_ID" primaryKey="true" required="true"
type="INTEGER"/>
<foreign-key foreignTable="SECURITY_PRINCIPAL" onDelete="cascade">
<reference foreign="PRINCIPAL_ID" local="GROUP_ID"/>
</foreign-key>
<foreign-key foreignTable="SECURITY_PRINCIPAL" onDelete="cascade">
<reference foreign="PRINCIPAL_ID" local="ROLE_ID"/>
</foreign-key>
</table>
In the API, there is:
o.a.j.security.RoleManager:
Collection getRolesInGroup(String groupFullPathName) throws
SecurityException;
void addRoleToGroup(String roleFullPathName, String groupFullPathName)
throws SecurityException;
void removeRoleFromGroup(String roleFullPathName, String
groupFullPathName) throws SecurityException;
boolean isGroupInRole(String groupFullPathName, String
roleFullPathName) throws SecurityException;
....
o.a.j.security.GroupManager:
Collection getGroupsInRole(String roleFullPathName) throws
SecurityException;
hth,
--
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
[office] +01 707 773-4646
[mobile] +01 707 529 9194
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
Re: Jetspeed2 Security
Posted by Tomba Rakesh <to...@yahoo.com>.
Hi David
This api could solve our group and role relationship issue. My understanding according your solution is "SECURITY_GROUP_ROLE " is used for group and role relationship. Correct me if I am wrong?
I found jetspeed2 using list of tables.
Do you have any document regarding what these table are for (I mean tables description).
It will be very helpfull to us if we know these thing so that we can provide our own GUI for security management.
-ve side: If new version of jetspeed comes along with different structure of these tables, our gui may not work.
Your Comment/Suggestion Please.
Regards
Rakesh
David Sean Taylor <da...@bluesunrise.com> wrote:
Shah Amit wrote:
> I have the exact same problem !!! I think with J2, roles and groups are
> just 2 interchangeable ways of catagorizing users. I tried to find a
> link between those, but I couldn't. Finally I ended up designing my
> system accordingly atleast for now.
>
> I just check for roles in my system, and treat roles as "actual
> permissions".
>
Im not sure if I understand the question.
So please be patient with me if Im totally off target here.
It won't be the first time!
Do you want to "link" or associate, roles with groups. Is that correct?
In the database schema, there is the SECURITY_GROUP_ROLE table:
type="INTEGER"/>
type="INTEGER"/>
In the API, there is:
o.a.j.security.RoleManager:
Collection getRolesInGroup(String groupFullPathName) throws
SecurityException;
void addRoleToGroup(String roleFullPathName, String
groupFullPathName) throws SecurityException;
void removeRoleFromGroup(String roleFullPathName, String
groupFullPathName) throws SecurityException;
boolean isGroupInRole(String groupFullPathName, String
roleFullPathName) throws SecurityException;
....
o.a.j.security.GroupManager:
Collection getGroupsInRole(String roleFullPathName) throws
SecurityException;
hth,
--
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
[office] +01 707 773-4646
[mobile] +01 707 529 9194
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Re: Jetspeed2 Security
Posted by David Sean Taylor <da...@bluesunrise.com>.
Shah Amit wrote:
> I have the exact same problem !!! I think with J2, roles and groups are
> just 2 interchangeable ways of catagorizing users. I tried to find a
> link between those, but I couldn't. Finally I ended up designing my
> system accordingly atleast for now.
>
> I just check for roles in my system, and treat roles as "actual
> permissions".
>
Im not sure if I understand the question.
So please be patient with me if Im totally off target here.
It won't be the first time!
Do you want to "link" or associate, roles with groups. Is that correct?
In the database schema, there is the SECURITY_GROUP_ROLE table:
<table name="SECURITY_GROUP_ROLE">
<column name="GROUP_ID" primaryKey="true" required="true"
type="INTEGER"/>
<column name="ROLE_ID" primaryKey="true" required="true"
type="INTEGER"/>
<foreign-key foreignTable="SECURITY_PRINCIPAL" onDelete="cascade">
<reference foreign="PRINCIPAL_ID" local="GROUP_ID"/>
</foreign-key>
<foreign-key foreignTable="SECURITY_PRINCIPAL" onDelete="cascade">
<reference foreign="PRINCIPAL_ID" local="ROLE_ID"/>
</foreign-key>
</table>
In the API, there is:
o.a.j.security.RoleManager:
Collection getRolesInGroup(String groupFullPathName) throws
SecurityException;
void addRoleToGroup(String roleFullPathName, String
groupFullPathName) throws SecurityException;
void removeRoleFromGroup(String roleFullPathName, String
groupFullPathName) throws SecurityException;
boolean isGroupInRole(String groupFullPathName, String
roleFullPathName) throws SecurityException;
....
o.a.j.security.GroupManager:
Collection getGroupsInRole(String roleFullPathName) throws
SecurityException;
hth,
--
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
[office] +01 707 773-4646
[mobile] +01 707 529 9194
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
RE: Jetspeed2 Security
Posted by Shah Amit <am...@hotmail.com>.
I have the exact same problem !!! I think with J2, roles and groups are just
2 interchangeable ways of catagorizing users. I tried to find a link between
those, but I couldn't. Finally I ended up designing my system accordingly
atleast for now.
I just check for roles in my system, and treat roles as "actual
permissions".
I dont know if I missed something. May be someone who knows better than me
can comment ??
Amit
----Original Message Follows----
From: Tomba Rakesh <to...@yahoo.com>
Reply-To: "Jetspeed Developers List" <je...@portals.apache.org>
To: Jetspeed Developers List <je...@portals.apache.org>
Subject: RE: Jetspeed2 Security
Date: Fri, 10 Jun 2005 06:18:26 -0700 (PDT)
Thanks Amit...
Now I could create user, role and groups
So far I explore only user caould mapped to role and groups... I did't find
any feature that links with role and group.
Regards
Rakesh
Shah Amit <am...@hotmail.com> wrote:
The documentation on jetspeed 2 website can be a good starting point. Apart
from that, some documenation ships with jetspeed distribution too. Look
around for *.pdf's and txts.
Roughly speaking, it provides an implementation of JAAS. You would have to
use their own security schema if you want to use that though.
It can be replaced with your own implementation too. I dont know too much
details of that.
There are a couple of threads on this forum for that.
http://www.mail-archive.com/jetspeed-user%40portals.apache.org/
HTH
Amit
----Original Message Follows----
From: Tomba Rakesh
Reply-To: "Jetspeed Developers List"
To: jetspeed-dev@portals.apache.org, general@portals.apache.org
Subject: Jetspeed2 Security
Date: Tue, 7 Jun 2005 23:59:14 -0700 (PDT)
Hi All,
Could someone help us how to start working on Jetspeed2 security. I have
gone through tutorial of previous version, file structure and deployment
style are totally different.
Thanks in advance.
Rakesh
---------------------------------
Discover Yahoo!
Find restaurants, movies, travel & more fun for the weekend. Check it out!
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
---------------------------------
Do you Yahoo!?
Make Yahoo! your home page
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
RE: Jetspeed2 Security
Posted by Tomba Rakesh <to...@yahoo.com>.
Thanks Amit...
Now I could create user, role and groups
So far I explore only user caould mapped to role and groups... I did't find any feature that links with role and group.
Regards
Rakesh
Shah Amit <am...@hotmail.com> wrote:
The documentation on jetspeed 2 website can be a good starting point. Apart
from that, some documenation ships with jetspeed distribution too. Look
around for *.pdf's and txts.
Roughly speaking, it provides an implementation of JAAS. You would have to
use their own security schema if you want to use that though.
It can be replaced with your own implementation too. I dont know too much
details of that.
There are a couple of threads on this forum for that.
http://www.mail-archive.com/jetspeed-user%40portals.apache.org/
HTH
Amit
----Original Message Follows----
From: Tomba Rakesh
Reply-To: "Jetspeed Developers List"
To: jetspeed-dev@portals.apache.org, general@portals.apache.org
Subject: Jetspeed2 Security
Date: Tue, 7 Jun 2005 23:59:14 -0700 (PDT)
Hi All,
Could someone help us how to start working on Jetspeed2 security. I have
gone through tutorial of previous version, file structure and deployment
style are totally different.
Thanks in advance.
Rakesh
---------------------------------
Discover Yahoo!
Find restaurants, movies, travel & more fun for the weekend. Check it out!
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
---------------------------------
Do you Yahoo!?
Make Yahoo! your home page
RE: Jetspeed2 Security
Posted by Shah Amit <am...@hotmail.com>.
The documentation on jetspeed 2 website can be a good starting point. Apart
from that, some documenation ships with jetspeed distribution too. Look
around for *.pdf's and txts.
Roughly speaking, it provides an implementation of JAAS. You would have to
use their own security schema if you want to use that though.
It can be replaced with your own implementation too. I dont know too much
details of that.
There are a couple of threads on this forum for that.
http://www.mail-archive.com/jetspeed-user%40portals.apache.org/
HTH
Amit
----Original Message Follows----
From: Tomba Rakesh <to...@yahoo.com>
Reply-To: "Jetspeed Developers List" <je...@portals.apache.org>
To: jetspeed-dev@portals.apache.org, general@portals.apache.org
Subject: Jetspeed2 Security
Date: Tue, 7 Jun 2005 23:59:14 -0700 (PDT)
Hi All,
Could someone help us how to start working on Jetspeed2 security. I have
gone through tutorial of previous version, file structure and deployment
style are totally different.
Thanks in advance.
Rakesh
---------------------------------
Discover Yahoo!
Find restaurants, movies, travel & more fun for the weekend. Check it out!
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org