You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by "Young, Julian" <Ju...@nl.compuware.com> on 2001/03/14 15:35:43 UTC

RE: Portlet security

All,

First let me say that this discussion is of great interest to us
particularly now that JAAS has been included in the J2ee 1.3 beta release
and that as such we would be very interested in contributing to this.


Steve,

You said ;
> The problem is that the built-in code is per-process (read: per-JVM) and
it
> not the required per-thread which we need for Jetspeed.  So we couldn't
use
> the internal stuff without extending the Jetspeed code to do the ACL
> checking.


Probably a stupid question but what did you mean by the "built-in code is
per process and not the required per thread"   ?

Julian

-- 
Julian Young (Julian_young@nl.compuware.com)
Software Engineer - Compuware Europe B.V.
Hoogooddreef 5. PO Box 12933 1100 AX  Amsterdam The Netherlands
______________________________________________________________________ 
All opinions etc. are mine and don't necessarily reflect those of
Compuware 

-----Original Message-----
From: Steve Freeman [mailto:sfreeman@us.ibm.com]
Sent: Monday, February 26, 2001 7:29 PM
To: JetSpeed
Subject: Re: Portlet security


Santiago,

The problem is that the built-in code is per-process (read: per-JVM) and it
not the required per-thread which we need for Jetspeed.  So we couldn't use
the internal stuff without extending the Jetspeed code to do the ACL
checking.  Let me be *very* clear:  The Jetspeed code *must* initiate the
ACL processing.

JAAS allows you to plug in new auth mechanisms.  It still has the problem
as per the above statement.

Thomas,

I've looked into the built-in mechanisms for my own work.  The framework
consists of a set of interface classes.  Sun provides a default
implementation as the com.sun.* classes (I forget the rest of the naming,
it's been awhile).  Suffice it to say that the framework is very flexible
and will allow us to implement the security mechanisms as we see fit.  We
just need to plug in the right classes.

Steve



--
--------------------------------------------------------------
To subscribe:        jetspeed-on@list.working-dogs.com
To unsubscribe:      jetspeed-off@list.working-dogs.com
Search: <http://www.mail-archive.com/jetspeed@list.working-dogs.com/>
List Help?:          jon@working-dogs.com

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org