You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Xavier Michel <xm...@cstahiti.com> on 2002/02/05 06:47:40 UTC
How to secure the http://host:8080/jetspeed/portal/user/toto
Hi,
When the user "toto" logs in, Jetspeed will dynamically check the psml file
user/toto/default.psml.
I try to protect the explicitly invoke
http://host:8080/jetspeed/portal/user/toto
Same thing for http://host:8080/jetspeed/portal/group/apache and
http://host:8080/jetspeed/portal/permission/foo
Something is parametrable in the conf. ?
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: How to secure the http://host:8080/jetspeed/portal/user/toto
Posted by Santiago Gala <sg...@hisitech.com>.
Xavier Michel wrote:
>Hi,
>
>When the user "toto" logs in, Jetspeed will dynamically check the psml file
>user/toto/default.psml.
>
>I try to protect the explicitly invoke
>http://host:8080/jetspeed/portal/user/toto
>
>Same thing for http://host:8080/jetspeed/portal/group/apache and
>http://host:8080/jetspeed/portal/permission/foo
>
>Something is parametrable in the conf. ?
>
This depends on the version you are running. There are partial
implementations of security, although I think nothing regarding PSML.
I'm currently working in securing psml in cvs. I will commit shortly the
security for portletsets, which include the psml access.
I will post first a proposal in jetspeed-dev, since the changes involved
some changes in the way PSML is looked for in jetspeed.
Expect this feature to be out and tested by Jetspeed 1.3
By the way, when the proposal is out and implemented, I will require you
people to try to break it in all imaginable ways, to make sure we have
not oversight anything.
>
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>