You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-user@portals.apache.org by Anthony Smith <an...@fedex.com> on 2004/06/03 23:52:24 UTC

RegistryAccessController & GroupRole

Now that this has changed form 1.4 to 1.5, I am a bit confused on how to
structure my security.xreg file.

Since we now use GroupRole, how would I declare my access tag for a security
entry?

Originally I could say:

        <access action="*">
            <allow-if role="Developer"/>
        </access>

Well if I have a group called FedEx how do I establish my group in the tag
above?

Just using role does not allow me to have access to the portlet.

This statement always return false:
securityEntry.allowsGroupRole(groupname, rolename, action)


BTW, it works fine when I add a particular user in the security.xreg

Maybe I should uncomment that code in the RegistryAccessController?


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org

RE: RegistryAccessController & GroupRole

Posted by Mark Orciuch <ma...@ngsltd.com>.

If you don't specify group in the security ref definition, it defaults to
"Jetspeed". So in your case, the definition should be:

         <access action="*">
             <allow-if role="Developer" group="FedEx"/>
         </access>

Then enroll your users in FedEx with role Developer.

Best regards,

Mark C. Orciuch
Next Generation Solutions, Ltd.
e-Mail: mark_orciuch@ngsltd.com
web: http://www.ngsltd.com


> -----Original Message-----
> From: Anthony Smith [mailto:anthony.smith@fedex.com]
> Sent: Thursday, June 03, 2004 4:52 PM
> To: Jetspeed Users List
> Subject: RegistryAccessController & GroupRole
>
>
> Now that this has changed form 1.4 to 1.5, I am a bit confused on how to
> structure my security.xreg file.
>
> Since we now use GroupRole, how would I declare my access tag for
> a security
> entry?
>
> Originally I could say:
>
>         <access action="*">
>             <allow-if role="Developer"/>
>         </access>
>
> Well if I have a group called FedEx how do I establish my group in the tag
> above?
>
> Just using role does not allow me to have access to the portlet.
>
> This statement always return false:
> securityEntry.allowsGroupRole(groupname, rolename, action)
>
>
> BTW, it works fine when I add a particular user in the security.xreg
>
> Maybe I should uncomment that code in the RegistryAccessController?
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
>
>
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org