You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Stefano Bianchi <st...@softeco.it> on 2005/07/20 10:31:01 UTC
ROLES AND PSML PRIMER (as promised)
As promised to David Sean Taylor, here you are a summary of an interesting
thread...
Ready to be included in the documentation! ;-)
I hope I got the issue! If possible, please review and recirculate it!
#############################################################
#############################################################
##
## ROLES AND PSML PRIMER ;-)
##
## This (short) guideline applies to Jetspeed 1.6.
## Please tech guys check if it is ok for other versions!
##
## by Stefano Bianchi, 2005.07.08
## kindly collaborated: David Sean Taylor, Archana Turaga
##
#############################################################
#############################################################
##
## ABBREVIATIONS:
##
## JR.p = JetspeedResource.properties file
## in [jetspeed]\WEB-INF\conf
##
#############################################################
#############################################################
##
##
#############################################################
#############################################################
## #############################################
## ROLES ETC. #############################################
## #############################################
##
## To assign a default role to a new user, you should edit the
## JR.p property:
##
## services.JetspeedSecurity.newuser.roles=user
##
## Each new user gets the role define in this property!
##
## It is possible to define and assign new roles by editing
## this property and adding comma separated values:
##
## services.JetspeedSecurity.newuser.roles=user,user_X,user_Y
##
## If you want to rely only on role for user management,
## just set these properties in JR.p:
##
## services.Profiler.newuser.template=
## services.Profiler.rolefallback=true
##
## NOTE: leave the first one blank!
##
## Pay attention! If you set the property
##
## services.JetspeedSecurity.newuser.roles=user,user_X,user_Y
##
## each new user gets ALL the comma separated roles!
##
#############################################################
#############################################################
## ####################################
## ROLE-BASED FALLBACK ####################################
## ####################################
##
## If you are using role-based fallback of psmls, i.e. if you set:
##
## services.Profiler.rolefallback=true
##
## then it means that all role psml directories will be searched
## for a psml resource for the current user.
##
#############################################################
#############################################################
## ####################################
## ROLE-BASED MERGE ####################################
## ####################################
##
## In this case, when the user is created,
## then all roles defined for the JR.p property:
##
## services.JetspeedSecurity.newuser.roles
##
## are used and merged!
##
## "Then, if you set (leave blank):
##
## services.Profiler.newuser.template=
##
## which 'role psml' is used/copied?
## The first one only (i.e. 'default_role')?
## Is the 'role psml' copied as the 'new user's psml'?
## Or is it used without copying it?"
##
## It only applies when role-based merge is set,
## again they are all merged.
##
## "Then, what does 'ROLE-BASED MERGE' mean?"
## "Some portlets from here, some from there? On which basis?"
##
## It is psml (profile) merging by role.
## When a new user is created, the psml of the user
## is created as a copy of the psml for all the roles
## (listed as comma sperated values) for the JR.p property:
##
## services.JetspeedSecurity.newuser.roles
##
## This is a "one time copy" made at user creation time, although if role
## profile merging is enabled, when a user is granted a new role from the
## Jetspeed User Admin portlet, the new role will be merged at that time.
## (Note: this is also now possible by group,
## see http://issues.apache.org/jira/browse/JS1-537)
##
## NOTE: this is different from role-based fallback:
##
## - ROLL-BASED FALLBACK does not make a copy of the psml,
## thus the psml is shared by all users with the same roles!
## - ROLE-BASED MERGE makes a one time copy into
## the user's local psml directory and the psml is not shared!
##
## With ROLE-BASED MERGE, the psmls from all the roles
## that were assigned to the user in the JR.p property:
##
## services.JetspeedSecurity.newuser.roles
##
## will be merged.
##
## It is actually pretty interesting the way this psml merge works.
## If a new user gets diferent roles (e.g. A, B, and C roles),
## then the result of the merge is that the psml belonging to each role
## will show up as a SEPARATE tab.
##
## Here you are a practical example.
## If you set the JR.p property:
##
## services.JetspeedSecurity.newuser.roles=ROLE_A,ROLE_B,ROLE_C
##
## and the psmls for these roles are something like:
##
## PSML_ROLE_A = { PORTLET_A1 , PORTLET_A2 , PORTLET_A3 }
## PSML_ROLE_B = { PORTLET_B1 , PORTLET_B2 }
## PSML_ROLE_C = { PORTLET_C1 , PORTLET_C2 , PORTLET_C3}
##
## then the psml for the new user has three tabs:
##
## ROLE_A | ROLE_B | ROLE_C
##
## each tab containing the relative portlets.
##
## NOTE: ROLE-BASED MERGE does not save DB/harddisk space!
## The new psml is not generated 'on the fly': it is created
## by merging the role psmls and then it is written on DB/harddisk.
## If you use file-based user psml management, you should see
## a new psml file for the new user in the related folder.
## CONCLUSION: ROLE-BASED MERGE does not save 'space'!
##
#############################################################
#############################################################
## ############################################
## OPEN ISSUES ############################################
## ############################################
##
## Is ROLL-BASED FALLBACK meant to function 'on the fly'?
## That is:
## if I do not find a default.psml to clone for a new user,
## the system "falls back" and shows what is found for
## the role indicated.
## The matter is: "show" or "clone"?
## As Archana says, for multiple role merging, it seems "clone"...
## For a single role?
##
##
#############################################################
#############################################################
##
## Please tech guys find a few minutes to complete this!
##
## Thanx!
## Stefano
##
##
Ing. Stefano Bianchi
Softeco Sismat S.p.A.
Via De Marini, 1 - WTC Tower
16149 Genoa (ITALY)
e-mail: stefano.bianchi@softeco.it
tel: +39 010 60.26.368
fax: +39 010 60.26.350
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org