portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Sean Taylor <da...@bluesunrise.com>
Subject Re: Jetspeed2 Security
Date Fri, 10 Jun 2005 17:50:08 GMT
Shah Amit wrote:
> I have the exact same problem !!! I think with J2, roles and groups are 
> just 2 interchangeable ways of catagorizing users. I tried to find a 
> link between those, but I couldn't. Finally I ended up designing my 
> system accordingly atleast for now.
> 
> I just check for roles in my system, and treat roles as "actual 
> permissions".
>
Im not sure if I understand the question.
So please be patient with me if Im totally off target here.
It won't be the first time!

Do you want to "link" or associate, roles with groups. Is that correct?

In the database schema, there is the SECURITY_GROUP_ROLE table:

     <table name="SECURITY_GROUP_ROLE">
         <column name="GROUP_ID" primaryKey="true" required="true" 
type="INTEGER"/>
         <column name="ROLE_ID" primaryKey="true" required="true" 
type="INTEGER"/>
         <foreign-key foreignTable="SECURITY_PRINCIPAL" onDelete="cascade">
             <reference foreign="PRINCIPAL_ID" local="GROUP_ID"/>
         </foreign-key>
         <foreign-key foreignTable="SECURITY_PRINCIPAL" onDelete="cascade">
             <reference foreign="PRINCIPAL_ID" local="ROLE_ID"/>
         </foreign-key>
     </table>

In the API, there is:

o.a.j.security.RoleManager:

     Collection getRolesInGroup(String groupFullPathName) throws 
SecurityException;
     void addRoleToGroup(String roleFullPathName, String 
groupFullPathName) throws SecurityException;
     void removeRoleFromGroup(String roleFullPathName, String 
groupFullPathName) throws SecurityException;
     boolean isGroupInRole(String groupFullPathName, String 
roleFullPathName) throws SecurityException;
....

o.a.j.security.GroupManager:

     Collection getGroupsInRole(String roleFullPathName) throws 
SecurityException;

hth,

-- 
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
[office] +01 707 773-4646
[mobile] +01 707 529 9194

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message