portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Todd Kuebler <tkueb...@cisco.com>
Subject RE: DO NOT REPLY [Bug 19003] - Remove obsolete security related attributes from registries
Date Wed, 16 Apr 2003 16:38:25 GMT

My event proposal has actions in the registry as well.  The security could 
be implemented in the event handling intermediary service.

-tk

At 10:38 AM 4/16/2003 -0400, Weaver, Scott wrote:
>IMOHO, we should define actions at the registry level, that allows for 
>developers to easily create there own custom actions.  We would also be 
>able to apply security directly to actions at this point.
>
>
> > I've seen people trying to grant
> > these permissions to roles and expect to control access to portlet actions
> > that
> > way. It could be somewhat confusing but let's leave it as is for now.
>
>Yes, there is a lot of confusion over the permission and security in 
>general on user.  We may need to update the docs on just how much 
>permissions really (don't) affect Jetspeed.
>
>Regards,
>*===================================*
>* Scott T Weaver                    *
>* Jakarta Jetspeed Portal Project   *
>* weaver@apache.org                 *
>*===================================*
>
>
>
> > -----Original Message-----
> > From: bugzilla@apache.org [mailto:bugzilla@apache.org]
> > Sent: Wednesday, April 16, 2003 10:29 AM
> > To: jetspeed-dev@jakarta.apache.org
> > Subject: DO NOT REPLY [Bug 19003] - Remove obsolete security related
> > attributes from registries
> >
> > DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
> > RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
> > <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19003>.
> > ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
> > INSERTED IN THE BUG DATABASE.
> >
> > http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19003
> >
> > Remove obsolete security related attributes from registries
> >
> >
> >
> >
> >
> > ------- Additional Comments From morciuch@apache.org  2003-04-16 14:28 ---
> > ----
> > Well, there isn't a good place to grab supported actions. You put the
> > contents
> > of TURBINE_PERMISSIONS table to good use. I've seen people trying to grant
> > these permissions to roles and expect to control access to portlet actions
> > that
> > way. It could be somewhat confusing but let's leave it as is for now.
> >
> > I'll probably just remove the non-existent actions like 'detach'.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message