portals-jetspeed-dev mailing list archives

From "Shah Amit" <amit_sha...@hotmail.com>
Subject Re: Jetspeed2 Security
Date Fri, 10 Jun 2005 18:13:01 GMT
Hi David,

Thanks for your response.

But I think it is still kind of insufficient for my situation. I don't know 
if that is the case for the originator of this thread, but I will explain my 
situation --

I have a few customers with companies say A, B, C.
I want to have some permissions - P,Q,R,W,X, Y, Z
I want to create some "high level groups" of permissions -
J -> has P, Q, R
G -> has X, Y, Z
I -> has Q, Y, Z

Now I want to assign these "high level groups" of permissions to companies -
A -> has J
B -> has G
C -> has I

And then, a user simply belongs to a company.
Joe -> Company A
John -> Company B
Smith -> Company C

Thanks,
Amit


----Original Message Follows----
From: David Sean Taylor <david@bluesunrise.com>
Reply-To: "Jetspeed Developers List" <jetspeed-dev@portals.apache.org>
To: Jetspeed Developers List <jetspeed-dev@portals.apache.org>
Subject: Re: Jetspeed2 Security
Date: Fri, 10 Jun 2005 10:50:08 -0700

Shah Amit wrote:
>I have the exact same problem !!! I think with J2, roles and groups are 
>just 2 interchangeable ways of categorizing users. I tried to find a link 
>between those, but I couldn't. Finally I ended up designing my system 
>accordingly at least for now.
>
>I just check for roles in my system, and treat roles as "actual 
>permissions".
>
I'm not sure if I understand the question.
So please be patient with me if I'm totally off target here.
It won't be the first time!

Do you want to "link", or associate, roles with groups? Is that correct?

In the database schema, there is the SECURITY_GROUP_ROLE table:

     <table name="SECURITY_GROUP_ROLE">
         <column name="GROUP_ID" primaryKey="true" required="true" type="INTEGER"/>
         <column name="ROLE_ID" primaryKey="true" required="true" type="INTEGER"/>
         <foreign-key foreignTable="SECURITY_PRINCIPAL" onDelete="cascade">
             <reference foreign="PRINCIPAL_ID" local="GROUP_ID"/>
         </foreign-key>
         <foreign-key foreignTable="SECURITY_PRINCIPAL" onDelete="cascade">
             <reference foreign="PRINCIPAL_ID" local="ROLE_ID"/>
         </foreign-key>
     </table>

In the API, there is:

o.a.j.security.RoleManager:

     Collection getRolesInGroup(String groupFullPathName) throws SecurityException;
     void addRoleToGroup(String roleFullPathName, String groupFullPathName) throws SecurityException;
     void removeRoleFromGroup(String roleFullPathName, String groupFullPathName) throws SecurityException;
     boolean isGroupInRole(String groupFullPathName, String roleFullPathName) throws SecurityException;
....

o.a.j.security.GroupManager:

     Collection getGroupsInRole(String roleFullPathName) throws 
SecurityException;

hth,

--
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
[office] +01 707 773-4646
[mobile] +01 707 529 9194

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
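
Added example, not part of the original thread and not Jetspeed code: an in-memory model of the scenario above, treating each company (A, B, C) as a group and each permission bundle (J, G, I) as a role linked to it, so a user's permissions are resolved user -> group -> role -> permission with deny by default. Only the names addRoleToGroup and getRolesInGroup mirror the quoted RoleManager signatures; the class itself, grant, addUserToGroup, permissionsFor and isAllowed are hypothetical, and attaching permissions to roles is an assumption of this sketch.

```java
import java.util.*;

// Added illustration: in-memory stand-in, NOT Jetspeed's RoleManager.
// addRoleToGroup/getRolesInGroup mirror the signatures quoted in the thread;
// grant, addUserToGroup, permissionsFor and isAllowed are hypothetical helpers.
public class CompanyPermissions {
    private final Map<String, Set<String>> rolesInGroup = new HashMap<>(); // company -> bundles
    private final Map<String, Set<String>> permsInRole = new HashMap<>();  // bundle -> permissions
    private final Map<String, Set<String>> groupsOfUser = new HashMap<>(); // user -> companies

    void addRoleToGroup(String role, String group) {
        rolesInGroup.computeIfAbsent(group, k -> new TreeSet<>()).add(role);
    }
    Collection<String> getRolesInGroup(String group) {
        return rolesInGroup.getOrDefault(group, Collections.emptySet());
    }
    void grant(String role, String... perms) {
        permsInRole.computeIfAbsent(role, k -> new TreeSet<>()).addAll(Arrays.asList(perms));
    }
    void addUserToGroup(String user, String group) {
        groupsOfUser.computeIfAbsent(user, k -> new TreeSet<>()).add(group);
    }

    // Effective permissions: union, over the user's groups, of every linked role's permissions.
    Set<String> permissionsFor(String user) {
        Set<String> out = new TreeSet<>();
        for (String g : groupsOfUser.getOrDefault(user, Collections.emptySet()))
            for (String r : getRolesInGroup(g))
                out.addAll(permsInRole.getOrDefault(r, Collections.emptySet()));
        return out;
    }
    // Deny by default: an unknown user, group or role contributes no permissions.
    boolean isAllowed(String user, String perm) {
        return permissionsFor(user).contains(perm);
    }

    public static void main(String[] args) {
        CompanyPermissions s = new CompanyPermissions();
        // Data taken from the scenario in the message above.
        s.grant("J", "P", "Q", "R"); s.grant("G", "X", "Y", "Z"); s.grant("I", "Q", "Y", "Z");
        s.addRoleToGroup("J", "A"); s.addRoleToGroup("G", "B"); s.addRoleToGroup("I", "C");
        s.addUserToGroup("Joe", "A"); s.addUserToGroup("John", "B"); s.addUserToGroup("Smith", "C");
        System.out.println("Smith: " + s.permissionsFor("Smith"));
        System.out.println("Joe may X: " + s.isAllowed("Joe", "X"));
        // "Mallory" is a constructed user with no company, to show the default deny.
        System.out.println("Mallory may P: " + s.isAllowed("Mallory", "P"));
    }
}
```

Changing what a company may do then means editing one group-to-role link rather than touching every user in that company.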


