portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <...@douma.nu>
Subject Re: [J2]Building on Jetspeed 2
Date Wed, 10 Mar 2004 23:31:14 GMT
David Le Strat wrote:
> Ate,
>
> See comments below.
>
> <snip>
>>>> My initial questions concern the user and security implementation
>>>> as is currently underway for jetspeed 2.
>>>>
>>>> 1) User attributes
> <snip>
>>>>
>>> We have a nice Preferences implementation in the works based on Java
>>> Preferences API with a database backend store
>>> The plan is to store portlet preferences using the Preference Store
>>
>> Alright I got that much from the source already.
>> But what about future usermanagement/registration
>> (possibly ported from J1).
>> Do you intend to store standard user attributes like
>> fullname, email etc.
>> also in the Preference Store or in a separate (still
>> to be defined) user
>> object with its
>> own persistence definition?
>
> The current J2 design provides access to a User object
> (see o.a.j.security.User) where the user is made of a
> Subject and a Preferences.
>
> The preferences will contain the user attributes as
> properties of the preferences node.
>
> So pref.get("user.firstname", null) would give you the
> user first name or null as a default value.
> The plan is also to map this to the portlet spec
> PLT.17.2, to the PortletRequest.USER_INFO as defined
> in the spec.
>
> Preferences provide us with quite an extensible user
> attributes model, built in the framework.

Ok. Possibly I will be able to use that. But...
I need additional user info attributes above and beyond those defined
in the spec. As per the spec. only attributes supported by the portal will
be
available to a portlet. Will it be possible to extend this default supported
list
with our own through some sort of configuration (thus not
hardcoded/restricted
by the default jetspeed engine)?

>>
>>>
>>>> 2) Security
>>>> Ok. So if I get this correctly, it will be based
>>>> on your new
>>>> user/group/role
>>>> security model.
>>>> Will role definitions defined through
>>>> declaritive web security be
>>>> automatically mapped onto
>>>> this model?
>
> That should probably be something we need to address.
> Do you want to chip in...

Sure for as far as it will match my requirements of course (I cannot promise
more in advance).
I'm gonna need the declaritive security anyway.
But I haven't been able to get the current security services implementation
(component now as I saw, didn't check that out yet) up and running. When do
you
expect that working? I can dive into it once that's done.

Additionally, as I mentioned already in my first post the deployer doesn't
handle
declaritive security at all (in contrast to the Pluto deployer). Somebody
currently
working on that? I can easily merge the Pluto handling back in and send it
in as
a patch but I wouldn't want to to step onto someone else's toes.

>
> Hope this helps.
>
> Regards,
>
> David Le Strat.
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Search - Find what you're looking for faster
> http://search.yahoo.com



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message