You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Stefano Bianchi <st...@softeco.it> on 2005/07/20 10:31:01 UTC

ROLES AND PSML PRIMER (as promised)

As promised to David Sean Taylor, here you are a summary of an interesting
thread...
Ready to be included in the documentation! ;-)
I hope I got the issue! If possible, please review and recirculate it!

#############################################################
#############################################################
##
##   ROLES AND PSML PRIMER ;-)
##
##   This (short) guideline applies to Jetspeed 1.6.
##   Please tech guys check if it is ok for other versions!
##
##   by Stefano Bianchi, 2005.07.08
##   kindly collaborated: David Sean Taylor, Archana Turaga
##
#############################################################
#############################################################
##
##   ABBREVIATIONS:
##
##   JR.p = JetspeedResource.properties file
##          in [jetspeed]\WEB-INF\conf
##
#############################################################
#############################################################
##
##
#############################################################
#############################################################
##              #############################################
##  ROLES ETC.  #############################################
##              #############################################
##
##  To assign a default role to a new user, you should edit the
##  JR.p property:
##
##    services.JetspeedSecurity.newuser.roles=user
##
##  Each new user gets the role define in this property!
##
##  It is possible to define and assign new roles by editing
##  this property and adding comma separated values:
##
##    services.JetspeedSecurity.newuser.roles=user,user_X,user_Y
##
##  If you want to rely only on role for user management,
##  just set these properties in JR.p:
##
##    services.Profiler.newuser.template=
##    services.Profiler.rolefallback=true
##
##  NOTE: leave the first one blank!
##
##  Pay attention! If you set the property
##
##    services.JetspeedSecurity.newuser.roles=user,user_X,user_Y
##
##  each new user gets ALL the comma separated roles!
##
#############################################################
#############################################################
##                       ####################################
##  ROLE-BASED FALLBACK  ####################################
##                       ####################################
##
##  If you are using role-based fallback of psmls, i.e. if you set:
##
##    services.Profiler.rolefallback=true
##
##  then it means that all role psml directories will be searched
##  for a psml resource for the current user.
##
#############################################################
#############################################################
##                       ####################################
##  ROLE-BASED MERGE     ####################################
##                       ####################################
##
##  In this case, when the user is created,
##  then all roles defined for the JR.p property:
##
##    services.JetspeedSecurity.newuser.roles
##
##  are used and merged!
##
##  "Then, if you set (leave blank):
##
##      services.Profiler.newuser.template=
##
##  which 'role psml' is used/copied?
##  The first one only (i.e. 'default_role')?
##  Is the 'role psml' copied as the 'new user's psml'?
##  Or is it used without copying it?"
##
##  It only applies when role-based merge is set,
##  again they are all merged.
##
##  "Then, what does 'ROLE-BASED MERGE' mean?"
##  "Some portlets from here, some from there? On which basis?"
##
##  It is psml (profile) merging by role.
##  When a new user is created, the psml of the user
##  is created as a copy of the psml for all the roles
##  (listed as comma sperated values) for the JR.p property:
##
##    services.JetspeedSecurity.newuser.roles
##
##  This is a "one time copy" made at user creation time, although if role
##  profile merging is enabled, when a user is granted a new role from the
##  Jetspeed User Admin portlet, the new role will be merged at that time.
##  (Note: this is also now possible by group,
##  see http://issues.apache.org/jira/browse/JS1-537)
##
##  NOTE: this is different from role-based fallback:
##
##    - ROLL-BASED FALLBACK does not make a copy of the psml,
##      thus the psml is shared by all users with the same roles!
##    - ROLE-BASED MERGE makes a one time copy into
##      the user's local psml directory and the psml is not shared!
##
##  With ROLE-BASED MERGE, the psmls from all the roles
##  that were assigned to the user in the JR.p property:
##
##    services.JetspeedSecurity.newuser.roles
##
##  will be merged.
##
##  It is actually pretty interesting the way this psml merge works.
##  If a new user gets diferent roles (e.g. A, B, and C roles),
##  then the result of the merge is that the psml belonging to each role
##  will show up as a SEPARATE tab.
##
##  Here you are a practical example.
##  If you set the JR.p property:
##
##    services.JetspeedSecurity.newuser.roles=ROLE_A,ROLE_B,ROLE_C
##
##  and the psmls for these roles are something like:
##
##    PSML_ROLE_A = { PORTLET_A1 , PORTLET_A2 , PORTLET_A3 }
##    PSML_ROLE_B = { PORTLET_B1 , PORTLET_B2 }
##    PSML_ROLE_C = { PORTLET_C1 , PORTLET_C2 , PORTLET_C3}
##
##  then the psml for the new user has three tabs:
##
##    ROLE_A | ROLE_B | ROLE_C
##
##  each tab containing the relative portlets.
##
##  NOTE: ROLE-BASED MERGE does not save DB/harddisk space!
##    The new psml is not generated 'on the fly': it is created
##    by merging the role psmls and then it is written on DB/harddisk.
##    If you use file-based user psml management, you should see
##    a new psml file for the new user in the related folder.
##    CONCLUSION: ROLE-BASED MERGE does not save 'space'!
##
#############################################################
#############################################################
##               ############################################
##  OPEN ISSUES  ############################################
##               ############################################
##
##  Is ROLL-BASED FALLBACK meant to function 'on the fly'?
##  That is:
##    if I do not find a default.psml to clone for a new user,
##    the system "falls back" and shows what is found for
##    the role indicated.
##    The matter is: "show" or "clone"?
##    As Archana says, for multiple role merging, it seems "clone"...
##    For a single role?
##
##
#############################################################
#############################################################
##
##  Please tech guys find a few minutes to complete this!
##
##  Thanx!
##  Stefano
##
##



Ing. Stefano Bianchi
Softeco Sismat S.p.A.
Via De Marini, 1 - WTC Tower
16149 Genoa (ITALY)
e-mail: stefano.bianchi@softeco.it
tel: +39 010 60.26.368
fax: +39 010 60.26.350




---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org