You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Dariush Behboudi <da...@glamm.com> on 2002/09/26 18:00:13 UTC
Role for the unlogged user, othr questions
Another question: I'm trying also to change role permissions using the
'Security role browser', but nothing seems to change accessing portlets
using modifing role permissions (maybe am I making a mistake?).
I would prefer to use role-based permissions (defined in the security role
browser) instead of configuring security-regs.
What do you think about that?
Thanks, Dariush.
Hi everyone,
I need to make possibile for the unregistered users (not logged) to view,
minimize and maximize portlets.
To make this possible I created a new security entry for the 'guest' role,
as follow:
<security-entry name="guestPerms">
<meta-info>
<title>guestPerms</title>
<description>guestPerms</description>
</meta-info>
<access action="view">
<allow-if role="guest"/>
</access>
<access action="maximize">
<allow-if role="guest"/>
</access>
<access action="minimize">
<allow-if role="guest"/>
</access>
</security-entry>
I assigned to a portlet this security Perm, but accessing to the related
pane as visitor (not logged), I'm not able to maximize and minimize, but
only to view the portlet.
Logging as 'anon' the security-entry is executed correctly.
Thus, my question is: what's the default role assigned to an unlogged user?
I belived that accessing jetspeed as a visitor was the same than logging on
with 'anon' user, but my test demostrates that itsn't so.
Regards, Dariush.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Role for the unlogged user, othr questions
Posted by Mark Orciuch <ma...@ngsltd.com>.
Correction:
> <access action="view">
> <allow-if role="guest"
> </access>
> <access action="minimize">
> <allow-if role="guest"
> </access>
> <access action="maximixe">
> <allow-if role="guest"
> </access>
Best regards,
Mark C. Orciuch
Next Generation Solutions, Ltd.
e-Mail: mark_orciuch@ngsltd.com
web: http://www.ngsltd.com
> -----Original Message-----
> From: Mark Orciuch [mailto:mark_orciuch@ngsltd.com]
> Sent: Friday, September 27, 2002 10:19 AM
> To: Jetspeed Users List
> Subject: RE: Role for the unlogged user, othr questions
>
>
> Dariush,
>
> I am not familiar with
> "services.JetspeedSecurity.permission.default.anonymous" setting. However,
> with "services.JetspeedSecurity.actions.anon.disable=false", you should be
> able to add the following to the "default" security entry:
>
> <access action="view">
> <allow-if role="guest"
> </access>
> <access action="view">
> <allow-if role="minimize"
> </access>
> <access action="maximixe">
> <allow-if role="guest"
> </access>
>
> ... or create another security entry. I have not tested this but give it a
> go.
>
> Best regards,
>
> Mark C. Orciuch
> Next Generation Solutions, Ltd.
> e-Mail: mark_orciuch@ngsltd.com
> web: http://www.ngsltd.com
>
> > -----Original Message-----
> > From: Dariush Behboudi [mailto:dariush.behboudi@glamm.com]
> > Sent: Friday, September 27, 2002 5:28 AM
> > To: Jetspeed Users List
> > Subject: R: Role for the unlogged user, othr questions
> >
> >
> > Hi Mark,
> > I've made some tests and I've got some questions on
> JetSpeedSecurity.prop.
> >
> > To make my tests, I've created a simple portlet with no security-ref tag
> > inside.
> >
> > I have changed the default settings as follow
> > services.JetspeedSecurity.permission.default.anonymous=view, minimize,
> > maximize
> > services.JetspeedSecurity.actions.anon.disable=false
> >
> > With these two options, an unlogged user (anon) should be able
> > only to view,
> > minimize and maximize my simple portlet, because no permissions
> > are defined
> > by default to the portlet (I think) but really he see all the actions
> > available (customize, close, maximize and so on).
> >
> > The same thing happens by default to panels customize buttons...
> >
> > It seems that the default.anonymous entry is not read at all.
> >
> > How can I use these two options to make available by default
> > view, minimize
> > and maximize options to the anon visitor?
> >
> > Thanks, Dariush.
> >
> >
> >
> > -----Messaggio originale-----
> > Da: Mark Orciuch [mailto:mark_orciuch@ngsltd.com]
> > Inviato: giovedì 26 settembre 2002 22.32
> > A: Jetspeed Users List
> > Oggetto: RE: Role for the unlogged user, othr questions
> >
> >
> > Dariush,
> >
> > According to this
> > http://www.mail-archive.com/jetspeed-user@jakarta.apache.org/msg04
> > 847.html,
> > the role-based permissions are maintained for backward compatibility. I
> > can't confirm that by examining RegistryAccessController class so my
> > conclusion is that it does not work anymore and you have to use
> > the security
> > references.
> >
> > Best regards,
> >
> > Mark C. Orciuch
> > Next Generation Solutions, Ltd.
> > e-Mail: mark_orciuch@ngsltd.com
> > web: http://www.ngsltd.com
> >
> >
> > > -----Original Message-----
> > > From: Dariush Behboudi [mailto:dariush.behboudi@glamm.com]
> > > Sent: Thursday, September 26, 2002 11:00 AM
> > > To: Jetspeed Users List
> > > Subject: Role for the unlogged user, othr questions
> > >
> > >
> > > Another question: I'm trying also to change role permissions using the
> > > 'Security role browser', but nothing seems to change
> accessing portlets
> > > using modifing role permissions (maybe am I making a mistake?).
> > >
> > > I would prefer to use role-based permissions (defined in the
> > security role
> > > browser) instead of configuring security-regs.
> > >
> > > What do you think about that?
> > >
> > > Thanks, Dariush.
> > >
> > >
> > > Hi everyone,
> > > I need to make possibile for the unregistered users (not
> > logged) to view,
> > > minimize and maximize portlets.
> > > To make this possible I created a new security entry for the
> > 'guest' role,
> > > as follow:
> > >
> > > <security-entry name="guestPerms">
> > > <meta-info>
> > > <title>guestPerms</title>
> > > <description>guestPerms</description>
> > > </meta-info>
> > > <access action="view">
> > > <allow-if role="guest"/>
> > > </access>
> > > <access action="maximize">
> > > <allow-if role="guest"/>
> > > </access>
> > > <access action="minimize">
> > > <allow-if role="guest"/>
> > > </access>
> > > </security-entry>
> > >
> > > I assigned to a portlet this security Perm, but accessing to
> the related
> > > pane as visitor (not logged), I'm not able to maximize and
> minimize, but
> > > only to view the portlet.
> > >
> > > Logging as 'anon' the security-entry is executed correctly.
> > >
> > > Thus, my question is: what's the default role assigned to an
> > > unlogged user?
> > > I belived that accessing jetspeed as a visitor was the same than
> > > logging on
> > > with 'anon' user, but my test demostrates that itsn't so.
> > >
> > > Regards, Dariush.
> > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> > <ma...@jakarta.apache.org>
> >
> >
> > --
> > To unsubscribe, e-mail:
> > <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> > <ma...@jakarta.apache.org>
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Role for the unlogged user, othr questions
Posted by Mark Orciuch <ma...@ngsltd.com>.
Dariush,
I am not familiar with
"services.JetspeedSecurity.permission.default.anonymous" setting. However,
with "services.JetspeedSecurity.actions.anon.disable=false", you should be
able to add the following to the "default" security entry:
<access action="view">
<allow-if role="guest"
</access>
<access action="view">
<allow-if role="minimize"
</access>
<access action="maximixe">
<allow-if role="guest"
</access>
... or create another security entry. I have not tested this but give it a
go.
Best regards,
Mark C. Orciuch
Next Generation Solutions, Ltd.
e-Mail: mark_orciuch@ngsltd.com
web: http://www.ngsltd.com
> -----Original Message-----
> From: Dariush Behboudi [mailto:dariush.behboudi@glamm.com]
> Sent: Friday, September 27, 2002 5:28 AM
> To: Jetspeed Users List
> Subject: R: Role for the unlogged user, othr questions
>
>
> Hi Mark,
> I've made some tests and I've got some questions on JetSpeedSecurity.prop.
>
> To make my tests, I've created a simple portlet with no security-ref tag
> inside.
>
> I have changed the default settings as follow
> services.JetspeedSecurity.permission.default.anonymous=view, minimize,
> maximize
> services.JetspeedSecurity.actions.anon.disable=false
>
> With these two options, an unlogged user (anon) should be able
> only to view,
> minimize and maximize my simple portlet, because no permissions
> are defined
> by default to the portlet (I think) but really he see all the actions
> available (customize, close, maximize and so on).
>
> The same thing happens by default to panels customize buttons...
>
> It seems that the default.anonymous entry is not read at all.
>
> How can I use these two options to make available by default
> view, minimize
> and maximize options to the anon visitor?
>
> Thanks, Dariush.
>
>
>
> -----Messaggio originale-----
> Da: Mark Orciuch [mailto:mark_orciuch@ngsltd.com]
> Inviato: giovedì 26 settembre 2002 22.32
> A: Jetspeed Users List
> Oggetto: RE: Role for the unlogged user, othr questions
>
>
> Dariush,
>
> According to this
> http://www.mail-archive.com/jetspeed-user@jakarta.apache.org/msg04
> 847.html,
> the role-based permissions are maintained for backward compatibility. I
> can't confirm that by examining RegistryAccessController class so my
> conclusion is that it does not work anymore and you have to use
> the security
> references.
>
> Best regards,
>
> Mark C. Orciuch
> Next Generation Solutions, Ltd.
> e-Mail: mark_orciuch@ngsltd.com
> web: http://www.ngsltd.com
>
>
> > -----Original Message-----
> > From: Dariush Behboudi [mailto:dariush.behboudi@glamm.com]
> > Sent: Thursday, September 26, 2002 11:00 AM
> > To: Jetspeed Users List
> > Subject: Role for the unlogged user, othr questions
> >
> >
> > Another question: I'm trying also to change role permissions using the
> > 'Security role browser', but nothing seems to change accessing portlets
> > using modifing role permissions (maybe am I making a mistake?).
> >
> > I would prefer to use role-based permissions (defined in the
> security role
> > browser) instead of configuring security-regs.
> >
> > What do you think about that?
> >
> > Thanks, Dariush.
> >
> >
> > Hi everyone,
> > I need to make possibile for the unregistered users (not
> logged) to view,
> > minimize and maximize portlets.
> > To make this possible I created a new security entry for the
> 'guest' role,
> > as follow:
> >
> > <security-entry name="guestPerms">
> > <meta-info>
> > <title>guestPerms</title>
> > <description>guestPerms</description>
> > </meta-info>
> > <access action="view">
> > <allow-if role="guest"/>
> > </access>
> > <access action="maximize">
> > <allow-if role="guest"/>
> > </access>
> > <access action="minimize">
> > <allow-if role="guest"/>
> > </access>
> > </security-entry>
> >
> > I assigned to a portlet this security Perm, but accessing to the related
> > pane as visitor (not logged), I'm not able to maximize and minimize, but
> > only to view the portlet.
> >
> > Logging as 'anon' the security-entry is executed correctly.
> >
> > Thus, my question is: what's the default role assigned to an
> > unlogged user?
> > I belived that accessing jetspeed as a visitor was the same than
> > logging on
> > with 'anon' user, but my test demostrates that itsn't so.
> >
> > Regards, Dariush.
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
R: Role for the unlogged user, othr questions
Posted by Dariush Behboudi <da...@glamm.com>.
Hi Mark,
I've made some tests and I've got some questions on JetSpeedSecurity.prop.
To make my tests, I've created a simple portlet with no security-ref tag
inside.
I have changed the default settings as follow
services.JetspeedSecurity.permission.default.anonymous=view, minimize,
maximize
services.JetspeedSecurity.actions.anon.disable=false
With these two options, an unlogged user (anon) should be able only to view,
minimize and maximize my simple portlet, because no permissions are defined
by default to the portlet (I think) but really he see all the actions
available (customize, close, maximize and so on).
The same thing happens by default to panels customize buttons...
It seems that the default.anonymous entry is not read at all.
How can I use these two options to make available by default view, minimize
and maximize options to the anon visitor?
Thanks, Dariush.
-----Messaggio originale-----
Da: Mark Orciuch [mailto:mark_orciuch@ngsltd.com]
Inviato: giovedì 26 settembre 2002 22.32
A: Jetspeed Users List
Oggetto: RE: Role for the unlogged user, othr questions
Dariush,
According to this
http://www.mail-archive.com/jetspeed-user@jakarta.apache.org/msg04847.html,
the role-based permissions are maintained for backward compatibility. I
can't confirm that by examining RegistryAccessController class so my
conclusion is that it does not work anymore and you have to use the security
references.
Best regards,
Mark C. Orciuch
Next Generation Solutions, Ltd.
e-Mail: mark_orciuch@ngsltd.com
web: http://www.ngsltd.com
> -----Original Message-----
> From: Dariush Behboudi [mailto:dariush.behboudi@glamm.com]
> Sent: Thursday, September 26, 2002 11:00 AM
> To: Jetspeed Users List
> Subject: Role for the unlogged user, othr questions
>
>
> Another question: I'm trying also to change role permissions using the
> 'Security role browser', but nothing seems to change accessing portlets
> using modifing role permissions (maybe am I making a mistake?).
>
> I would prefer to use role-based permissions (defined in the security role
> browser) instead of configuring security-regs.
>
> What do you think about that?
>
> Thanks, Dariush.
>
>
> Hi everyone,
> I need to make possibile for the unregistered users (not logged) to view,
> minimize and maximize portlets.
> To make this possible I created a new security entry for the 'guest' role,
> as follow:
>
> <security-entry name="guestPerms">
> <meta-info>
> <title>guestPerms</title>
> <description>guestPerms</description>
> </meta-info>
> <access action="view">
> <allow-if role="guest"/>
> </access>
> <access action="maximize">
> <allow-if role="guest"/>
> </access>
> <access action="minimize">
> <allow-if role="guest"/>
> </access>
> </security-entry>
>
> I assigned to a portlet this security Perm, but accessing to the related
> pane as visitor (not logged), I'm not able to maximize and minimize, but
> only to view the portlet.
>
> Logging as 'anon' the security-entry is executed correctly.
>
> Thus, my question is: what's the default role assigned to an
> unlogged user?
> I belived that accessing jetspeed as a visitor was the same than
> logging on
> with 'anon' user, but my test demostrates that itsn't so.
>
> Regards, Dariush.
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Role for the unlogged user, othr questions
Posted by Mark Orciuch <ma...@ngsltd.com>.
Dariush,
According to this
http://www.mail-archive.com/jetspeed-user@jakarta.apache.org/msg04847.html,
the role-based permissions are maintained for backward compatibility. I
can't confirm that by examining RegistryAccessController class so my
conclusion is that it does not work anymore and you have to use the security
references.
Best regards,
Mark C. Orciuch
Next Generation Solutions, Ltd.
e-Mail: mark_orciuch@ngsltd.com
web: http://www.ngsltd.com
> -----Original Message-----
> From: Dariush Behboudi [mailto:dariush.behboudi@glamm.com]
> Sent: Thursday, September 26, 2002 11:00 AM
> To: Jetspeed Users List
> Subject: Role for the unlogged user, othr questions
>
>
> Another question: I'm trying also to change role permissions using the
> 'Security role browser', but nothing seems to change accessing portlets
> using modifing role permissions (maybe am I making a mistake?).
>
> I would prefer to use role-based permissions (defined in the security role
> browser) instead of configuring security-regs.
>
> What do you think about that?
>
> Thanks, Dariush.
>
>
> Hi everyone,
> I need to make possibile for the unregistered users (not logged) to view,
> minimize and maximize portlets.
> To make this possible I created a new security entry for the 'guest' role,
> as follow:
>
> <security-entry name="guestPerms">
> <meta-info>
> <title>guestPerms</title>
> <description>guestPerms</description>
> </meta-info>
> <access action="view">
> <allow-if role="guest"/>
> </access>
> <access action="maximize">
> <allow-if role="guest"/>
> </access>
> <access action="minimize">
> <allow-if role="guest"/>
> </access>
> </security-entry>
>
> I assigned to a portlet this security Perm, but accessing to the related
> pane as visitor (not logged), I'm not able to maximize and minimize, but
> only to view the portlet.
>
> Logging as 'anon' the security-entry is executed correctly.
>
> Thus, my question is: what's the default role assigned to an
> unlogged user?
> I belived that accessing jetspeed as a visitor was the same than
> logging on
> with 'anon' user, but my test demostrates that itsn't so.
>
> Regards, Dariush.
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>