portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Sean Taylor" <da...@bluesunrise.com>
Subject Re: Security stuff...
Date Mon, 11 Jun 2001 20:18:19 GMT
> Why are you putting roles into the context? Security checks should happen
on
> a permission level, not on a role level.
>

Its not a security check....

I am putting *all* the roles from the TURBINE_ROLE table into the context.
Necessary for role-browser.vm to list all the roles in the system.

This portlet is a security management portlet, (like Flux, but
portlet-based) for administrative maintenance of roles. The RoleBrowser is
for an administrator to view and edit all roles in the system. The code you
are looking at is a portlet action that is invoked whenever the portlet is
displayed, see:

org.apache.jetspeed.modules.actions.portlets.VelocityPortlet
(public abstract class VelocityPortletAction extends VelocityAction)

When was the last time you tried Jetspeed anyway?
We are now making use of Velocity for controls, portlets, and controllers.

To try out the security stuff, logon as the 'admin' user, and its under the
'security' tab. Its not yet complete. I still have permissions and a few
more templates to finish.

-- David




---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message