You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by Randy Watler <wa...@wispertel.net> on 2005/02/17 23:21:32 UTC
More Login/Security Enhancements
Ate/All,
I have these additional Login/Security requirements that have made there
way into a formal requirements process for our portal implementation:
- Send email to end user for forgotten passwords, (offered on failed
login attempts if user email address known).
- Ability of a non-authenticated end user to create and populate a
disabled user account to be enabled later by admin/moderator, (includes
automatic email notification of the request and approved/denied messages
if user email address known).
I think these features are fairly typical for most sites requiring end
user authentication. Is there any interest in, (or objections to), these
features being added to J2 proper? If there is interest, I will generate
a JIRA issue and we can see if there are other similar capabilities that
can be added at the same time.
Thanks!
Randy
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
Re: Declarative or Modal Page Layout Navigation?
Posted by Ate Douma <at...@douma.nu>.
Randy Watler wrote:
> Team,
>
> David and I have been discussing potential options to the current
> profiler/page-manager generated page layout navigations. While what we
> have seems to be fairly powerful and flexible, it also seems to be too
> complex and/or scalable for use by many users. It often raises questions
> on the lists and certainly does not seem self documenting!
Fully agreed!
>
> We have discussed implementing a declarative navigation definition,
> (i.e. J1 menus), that could be specified globally or at the folder
> level. We have also pondered some modal configuration settings/hints to
> the existing solution that correspond to different navigational styles,
> (i.e. relative forward/back navigation as we currently have, constant
> navigation elements that reflect the physical folder structures, logical
> view specifications like document sets, etc.). Obviously, changes to
> support these different modes would also involve modifications to the
> various velocity layout templates. Related efforts might include support
> for javascript pull down menus or other portal navigation interfaces.
+1 ;-) One of my own outstanding requirements I haven't found time yet to
find a solution for.
We've been here before and several solutions have been suggested in the
past (including one of my own). Lets try to get this right once and for
all!
>
> I would like to get input from the team on whether it is time to
> consider such an effort and indeed what the effort should look like and
> include. Any and all input will be appreciated!
I'm +1 for starting this as soon as possible because good navigation support,
including portlets for layout and navigation definition maintenance (and good
principal maintenance portlets) are the most prominent missing features to
provide before we'll can start thinking of a final Jetspeed-2.0 release.
Right now I'm working on a simplified (re)deployment implementation which I hope
to provide soon but I got side tracked the last days.
Once thats finished I'll try to help out with navigation and layout
(besides working on enhanced principal maintenance portlets).
>
> Thanks,
>
> Randy
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
Declarative or Modal Page Layout Navigation?
Posted by Randy Watler <wa...@wispertel.net>.
Team,
David and I have been discussing potential options to the current
profiler/page-manager generated page layout navigations. While what we
have seems to be fairly powerful and flexible, it also seems to be too
complex and/or scalable for use by many users. It often raises questions
on the lists and certainly does not seem self documenting!
We have discussed implementing a declarative navigation definition,
(i.e. J1 menus), that could be specified globally or at the folder
level. We have also pondered some modal configuration settings/hints to
the existing solution that correspond to different navigational styles,
(i.e. relative forward/back navigation as we currently have, constant
navigation elements that reflect the physical folder structures, logical
view specifications like document sets, etc.). Obviously, changes to
support these different modes would also involve modifications to the
various velocity layout templates. Related efforts might include support
for javascript pull down menus or other portal navigation interfaces.
I would like to get input from the team on whether it is time to
consider such an effort and indeed what the effort should look like and
include. Any and all input will be appreciated!
Thanks,
Randy
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
Re: More Login/Security Enhancements
Posted by Ate Douma <at...@douma.nu>.
Randy Watler wrote:
> Ate/All,
>
> I have these additional Login/Security requirements that have made there
> way into a formal requirements process for our portal implementation:
>
> - Send email to end user for forgotten passwords, (offered on failed
> login attempts if user email address known).
+1
> - Ability of a non-authenticated end user to create and populate a
> disabled user account to be enabled later by admin/moderator, (includes
> automatic email notification of the request and approved/denied messages
> if user email address known).
+1
>
> I think these features are fairly typical for most sites requiring end
> user authentication. Is there any interest in, (or objections to), these
> features being added to J2 proper? If there is interest, I will generate
> a JIRA issue and we can see if there are other similar capabilities that
> can be added at the same time.
+1
I myself have been asked by my client to provide more/correct feedback to
a user trying to login but whose account already has been disabled (too many
failed login attempts). The current functionality clearly isn't giving
good feedback at all. The problem to do this better though is that there
isn't a formal way to communicate information back *through* the JAAS implementation
(i.e. the Tomcat JAASRealm) to the client (J2). We need to provide our own
channel or such for that.
>
> Thanks!
>
> Randy
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org