portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r504018 - in /portals/jetspeed-2/trunk: applications/j2-admin/src/java/org/apache/jetspeed/portlets/customizer/ applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/ applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam...
Date Tue, 06 Feb 2007 08:03:45 GMT
Author: taylor
Date: Tue Feb  6 00:03:44 2007
New Revision: 504018

URL: http://svn.apache.org/viewvc?view=rev&rev=504018
Log:
* refine portlet security checks during portlet selection
* introduce abstraction to security checks with Security Access Controller component
   which delegates to either Permission or Constraint checks based on Spring config
* make portlet security checks optional via new Security Access Controller component's Spring configuration
* rework category portlet selector to properly work in /portal mode, tested with several differet users to test non-profiled paths to full page paths
* added requestContext.locatePage functionality
* cleanup on old code

Added:
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityAccessControllerImpl.java
    portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/SecurityAccessController.java
Removed:
    portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/customizer/
    portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/view/customizer/
Modified:
    portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/PortletApplicationBean.java
    portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/beans/PortletApplicationBean.java
    portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/CategoryPortletSelector.java
    portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/PortletSelector.java
    portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/jetspeed-portlet.xml
    portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentFragmentImpl.java
    portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentPageImpl.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/PageActionAccess.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/AddPortletAction.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContext.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContextComponent.java
    portals/jetspeed-2/trunk/components/registry/src/java/org/apache/jetspeed/om/portlet/impl/PortletApplicationDefinitionImpl.java
    portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/CommonPortletServices.java
    portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/mockobjects/request/MockRequestContext.java
    portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/om/common/portlet/PortletApplication.java
    portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/request/RequestContext.java
    portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/PermissionManager.java
    portals/jetspeed-2/trunk/layout-portlets/src/webapp/WEB-INF/jetspeed-portlet.xml
    portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml
    portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/ajax-layout.xml
    portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml

Modified: portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/PortletApplicationBean.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/PortletApplicationBean.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/PortletApplicationBean.java (original)
+++ portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/PortletApplicationBean.java Tue Feb  6 00:03:44 2007
@@ -196,4 +196,8 @@
     {
         return pa.getJetspeedSecurityConstraint();
     }    
+    public boolean isLayoutApplication()
+    {
+        return pa.isLayoutApplication();
+    }
 }

Modified: portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/beans/PortletApplicationBean.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/beans/PortletApplicationBean.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/beans/PortletApplicationBean.java (original)
+++ portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/pam/beans/PortletApplicationBean.java Tue Feb  6 00:03:44 2007
@@ -197,5 +197,8 @@
     {
         return pa.getJetspeedSecurityConstraint();
     }
-    
+    public boolean isLayoutApplication()
+    {
+        return pa.isLayoutApplication();
+    }       
 }

Modified: portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/CategoryPortletSelector.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/CategoryPortletSelector.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/CategoryPortletSelector.java (original)
+++ portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/CategoryPortletSelector.java Tue Feb  6 00:03:44 2007
@@ -16,8 +16,6 @@
 package org.apache.jetspeed.portlets.selector;
 
 import java.io.IOException;
-import java.security.AccessControlException;
-import java.security.AccessController;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
@@ -45,21 +43,22 @@
 import org.apache.commons.logging.LogFactory;
 import org.apache.jetspeed.CommonPortletServices;
 import org.apache.jetspeed.JetspeedActions;
+import org.apache.jetspeed.PortalReservedParameters;
 import org.apache.jetspeed.components.portletregistry.PortletRegistry;
 import org.apache.jetspeed.headerresource.HeaderResource;
 import org.apache.jetspeed.om.common.portlet.MutablePortletApplication;
 import org.apache.jetspeed.om.common.portlet.PortletDefinitionComposite;
 import org.apache.jetspeed.om.common.preference.PreferenceComposite;
-import org.apache.jetspeed.om.folder.Folder;
 import org.apache.jetspeed.om.page.Fragment;
 import org.apache.jetspeed.om.page.Page;
 import org.apache.jetspeed.page.PageManager;
-import org.apache.jetspeed.page.document.Node;
 import org.apache.jetspeed.portlets.CategoryInfo;
 import org.apache.jetspeed.portlets.PortletInfo;
+import org.apache.jetspeed.profiler.Profiler;
+import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.search.ParsedObject;
 import org.apache.jetspeed.search.SearchEngine;
-import org.apache.jetspeed.security.PortletPermission;
+import org.apache.jetspeed.security.SecurityAccessController;
 import org.apache.pluto.om.common.Parameter;
 import org.apache.portals.gems.dojo.AbstractDojoVelocityPortlet;
 import org.apache.velocity.context.Context;
@@ -84,7 +83,8 @@
     protected final static String PORTLETS = "category.selector.portlets";
     protected final static String CATEGORIES = "category.selector.categories";
     protected final static String PAGE = "category.selector.page";
-    private final  String JSPAGE = "jspage";
+    
+    private final String JSPAGE = "jspage";
 	private final String CATEGORY = "category";
 	private final String PAGENUMNER = "pageNumber";
 	private final String FILTER = "filter";
@@ -92,6 +92,8 @@
     protected PortletRegistry registry;
     protected SearchEngine searchEngine;
     protected PageManager pageManager;
+    protected Profiler profiler;
+    protected SecurityAccessController securityAccessController;
     protected Random rand;
     
     public void init(PortletConfig config)
@@ -114,6 +116,16 @@
         {
             throw new PortletException("Failed to find the Page Manager on portlet initialization");
         }        
+        securityAccessController = (SecurityAccessController)context.getAttribute(CommonPortletServices.CPS_SECURITY_ACCESS_CONTROLLER);
+        if (null == securityAccessController)
+        {
+            throw new PortletException("Failed to find the Security Access Controller on portlet initialization");
+        }
+        profiler = (Profiler)context.getAttribute(CommonPortletServices.CPS_PROFILER_COMPONENT);
+        if (null == profiler)
+        {
+            throw new PortletException("Failed to find the Profiler on portlet initialization");
+        }        
         rand = new Random( 19580427 );
     }
     
@@ -146,7 +158,15 @@
         processPage(request);
         super.doView(request, response);
     }
-
+    
+    protected Page getPage(RenderRequest request) throws Exception
+    {
+        String path = request.getParameter(JSPAGE);
+        RequestContext requestContext = (RequestContext) 
+            request.getAttribute(PortalReservedParameters.REQUEST_CONTEXT_ATTRIBUTE);        
+        return requestContext.locatePage(profiler, path);
+    }    
+    
     protected void processPage(RenderRequest request)
     {
         String page = request.getParameter(JSPAGE);
@@ -297,16 +317,15 @@
         if (portlet == null)
             return null;
         
-        MutablePortletApplication muta = (MutablePortletApplication)portlet.getPortletApplicationDefinition();
-        String appName = muta.getName();
-        if (appName != null && appName.equals("jetspeed-layouts"))
-            return null;                
+        // Do not display Jetspeed Layout Applications
+        MutablePortletApplication pa = (MutablePortletApplication)portlet.getPortletApplicationDefinition();
+        if (pa.isLayoutApplication())
+            return null;
         
         // SECURITY filtering
-        String uniqueName = appName + "::" + portlet.getName();
-        try
+        String uniqueName = pa.getName() + "::" + portlet.getName();
+        if (securityAccessController.checkPortletAccess(portlet, JetspeedActions.MASK_VIEW))
         {
-            AccessController.checkPermission(new PortletPermission(portlet.getUniqueName(), JetspeedActions.MASK_VIEW));
             Parameter param = portlet.getInitParameterSet().get(PORTLET_ICON);
             String image;
             if (param != null)
@@ -333,11 +352,7 @@
             }
             return new PortletInfo(uniqueName, cleanup(portlet.getDisplayNameText(locale)), cleanup(portlet.getDescriptionText(locale)), image);
         }
-        catch (AccessControlException ace)
-        {
-            return null;
-        }
-        
+        return null;
     }
     
     protected String cleanup(String str)
@@ -716,23 +731,8 @@
 		}
 		return map;
 	}
-	private Page getPage(RenderRequest request) throws Exception
-	{
-		String user = request.getUserPrincipal().getName();
-		String page = request.getParameter("jspage");
-		String path;
-		if (page.equals("/")) page= Node.PATH_SEPARATOR + Folder.FALLBACK_DEFAULT_PAGE;
-		if (user.equals("admin"))
-		{
-			path  = page;
-		}else
-		{
-			path  = Folder.USER_FOLDER  + user + page;
-		}
-		return pageManager.getPage(path);                 
 
-	}
-	class CategoryResult {
+    class CategoryResult {
 		List list;
 
 		int resultSize;

Modified: portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/PortletSelector.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/PortletSelector.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/PortletSelector.java (original)
+++ portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/selector/PortletSelector.java Tue Feb  6 00:03:44 2007
@@ -15,8 +15,6 @@
 package org.apache.jetspeed.portlets.selector;
 
 import java.io.IOException;
-import java.security.AccessControlException;
-import java.security.AccessController;
 import java.sql.Types;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -44,7 +42,7 @@
 import org.apache.jetspeed.portlets.pam.PortletApplicationResources;
 import org.apache.jetspeed.search.ParsedObject;
 import org.apache.jetspeed.search.SearchEngine;
-import org.apache.jetspeed.security.PortletPermission;
+import org.apache.jetspeed.security.SecurityAccessController;
 import org.apache.portals.gems.browser.BrowserIterator;
 import org.apache.portals.gems.browser.BrowserPortlet;
 import org.apache.portals.gems.util.StatusMessage;
@@ -62,7 +60,7 @@
     protected static final String CHECKEDSET = "checkedSet";
     protected static final String UNCHECKEDSET = "unCheckedSet";
    
-
+    protected SecurityAccessController securityAccessController;
     protected PortletRegistry registry;
     protected SearchEngine searchEngine;
     
@@ -81,7 +79,11 @@
         {
             throw new PortletException("Failed to find the Search Engine on portlet initialization");
         }        
-        
+        securityAccessController = (SecurityAccessController)context.getAttribute(CommonPortletServices.CPS_SECURITY_ACCESS_CONTROLLER);
+        if (null == securityAccessController)
+        {
+            throw new PortletException("Failed to find the Security Access Controller on portlet initialization");
+        }        
     }
           
     public void doView(RenderRequest request, RenderResponse response)
@@ -113,7 +115,6 @@
         String selectedPortletsString = getAsString(selectedCheckBoxes);
         this.getContext(request).put("selectedPortletsString", selectedPortletsString);
         
-        
         super.doView(request, response);
     }
 
@@ -240,26 +241,21 @@
                 if (portlet == null)
                     continue;
                 
-                MutablePortletApplication muta = (MutablePortletApplication)portlet.getPortletApplicationDefinition();
-                String appName = muta.getName();
-                if (appName != null && appName.equals("jetspeed-layouts"))
-                    continue;                
-                
+                // Do not display Jetspeed Layout Applications
+                MutablePortletApplication pa = (MutablePortletApplication)portlet.getPortletApplicationDefinition();
+                if (pa.isLayoutApplication())
+                    continue;
+                         
                 // SECURITY filtering
-                String uniqueName = appName + "::" + portlet.getName();
-                try
+                String uniqueName = pa.getName() + "::" + portlet.getName();
+                if (securityAccessController.checkPortletAccess(portlet, JetspeedActions.MASK_VIEW))
                 {
-                    AccessController.checkPermission(new PortletPermission(portlet.getUniqueName(), JetspeedActions.MASK_VIEW));
                     String name = portlet.getDisplayNameText(locale);
                     if (name == null)
                     {
                         name = portlet.getName();
                     }
                     list.add(new PortletInfo(uniqueName, name, portlet.getDescriptionText(locale)));
-                }
-                catch (AccessControlException ace)
-                {
-                    //continue
                 }
             }            
             BrowserIterator iterator = new PortletIterator(

Modified: portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/jetspeed-portlet.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/jetspeed-portlet.xml?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/jetspeed-portlet.xml (original)
+++ portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/jetspeed-portlet.xml Tue Feb  6 00:03:44 2007
@@ -20,23 +20,47 @@
     xmlns:dc="http://www.purl.org/dc"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://portals.apache.org/jetspeed http://portals.apache.org/jetspeed-2/2.1/schemas/jetspeed-portlet.xsd">
-
+
+   <js:security-constraint-ref>admin</js:security-constraint-ref>
+ 
     <dc:title>Jetspeed-2 Administration Portlets</dc:title>
     <dc:title xml:lang="en">Jetspeed-2 Administration Portlets</dc:title>
     <dc:creator>J2 Team</dc:creator>
-
+ 
     <portlet>
-        <portlet-name>LoginPortlet</portlet-name>
+        <portlet-name>LoginPortlet</portlet-name>
+        <js:security-constraint-ref>public-view</js:security-constraint-ref>       
         <dc:title>Login Portlet</dc:title>
         <dc:creator>J2 Team</dc:creator>
     </portlet>
 
     <portlet>
         <portlet-name>LocaleSelector</portlet-name>
+        <js:security-constraint-ref>public-view</js:security-constraint-ref>       
         <dc:title>Locale Selector Portlet</dc:title>
         <dc:creator>J2 Team</dc:creator>
     </portlet>
-
+
+    <portlet>
+         <portlet-name>DateTimePortlet</portlet-name>
+         <js:security-constraint-ref>public-view</js:security-constraint-ref>
+    </portlet>
+
+    <portlet>
+         <portlet-name>ForgottenPasswordPortlet</portlet-name>
+         <js:security-constraint-ref>public-view</js:security-constraint-ref>
+    </portlet>
+
+    <portlet>
+         <portlet-name>UserRegistrationPortlet</portlet-name>
+         <js:security-constraint-ref>public-view</js:security-constraint-ref>
+    </portlet>
+
+    <portlet>
+         <portlet-name>CategoryPortletSelector</portlet-name>
+         <js:security-constraint-ref>AEUV</js:security-constraint-ref>
+    </portlet>   
+	
 	<js:services>        
         <js:service name='ApplicationServerManager'/>
         <js:service name='DeploymentManager'/>
@@ -54,7 +78,8 @@
 	    <js:service name='SearchComponent'/>                
         <js:service name="SSO" />                 
         <js:service name='UserManager'/>     
-        <js:service name='DecorationFactory'/>        
+        <js:service name='DecorationFactory'/> 
+        <js:service name='SecurityAccessController'/>       
 	</js:services>
 
 </portlet-app>

Modified: portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentFragmentImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentFragmentImpl.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentFragmentImpl.java (original)
+++ portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentFragmentImpl.java Tue Feb  6 00:03:44 2007
@@ -1,3 +1,17 @@
+/* Copyright 2004 Apache Software Foundation
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
 package org.apache.jetspeed.om.page;
 
 import java.io.Serializable;

Modified: portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentPageImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentPageImpl.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentPageImpl.java (original)
+++ portals/jetspeed-2/trunk/components/page-manager/src/java/org/apache/jetspeed/om/page/ContentPageImpl.java Tue Feb  6 00:03:44 2007
@@ -1,3 +1,18 @@
+/* Copyright 2004 Apache Software Foundation
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
 package org.apache.jetspeed.om.page;
 
 import java.util.HashMap;

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/PageActionAccess.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/PageActionAccess.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/PageActionAccess.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/PageActionAccess.java Tue Feb  6 00:03:44 2007
@@ -16,8 +16,6 @@
 package org.apache.jetspeed.decoration;
 
 import java.io.Serializable;
-import java.security.AccessControlException;
-import java.security.AccessController;
 import java.util.HashMap;
 
 import javax.portlet.PortletMode;
@@ -27,7 +25,6 @@
 import org.apache.commons.logging.LogFactory;
 import org.apache.jetspeed.JetspeedActions;
 import org.apache.jetspeed.om.page.Page;
-import org.apache.jetspeed.security.PortletPermission;
 
 /**
  * PageActionAccess
@@ -133,36 +130,7 @@
             return false;
         }
     }
-    
-    /**
-     * Determines whether the access request indicated by the specified
-     * permission should be allowed or denied, based on the security policy
-     * currently in effect.
-     * 
-     * @param resource
-     *                  The fully qualified resource name of the portlet
-     *                  (PA::portletName)
-     * @param action
-     *                  The action to perform on this resource (i.e. view, edit, help,
-     *                  max, min...)
-     * @return true if the action is allowed, false if it is not
-     */
-    protected boolean checkPermission( String resource, String action )
-    {
-        try
-        {
-            // TODO: it may be better to check the PagePermission for the outer
-            // most
-            // fragment (i.e. the PSML page)
-            AccessController.checkPermission(new PortletPermission(resource, action));
-        }
-        catch (AccessControlException e)
-        {
-            return false;
-        }
-        return true;
-    }
-    
+        
     protected boolean checkEditPage(Page page)
     {
         boolean allowed = false;

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/AddPortletAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/AddPortletAction.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/AddPortletAction.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/AddPortletAction.java Tue Feb  6 00:03:44 2007
@@ -24,9 +24,7 @@
 import org.apache.jetspeed.ajax.AJAXException;
 import org.apache.jetspeed.ajax.AjaxAction;
 import org.apache.jetspeed.ajax.AjaxBuilder;
-import org.apache.jetspeed.layout.Coordinate;
 import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
-import org.apache.jetspeed.layout.PortletPlacementContext;
 import org.apache.jetspeed.om.page.Fragment;
 import org.apache.jetspeed.om.page.Page;
 import org.apache.jetspeed.page.PageManager;

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java Tue Feb  6 00:03:44 2007
@@ -15,8 +15,6 @@
  */
 package org.apache.jetspeed.layout.impl;
 
-import java.security.AccessControlException;
-import java.security.AccessController;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
@@ -39,8 +37,7 @@
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.search.ParsedObject;
 import org.apache.jetspeed.search.SearchEngine;
-import org.apache.jetspeed.security.PermissionManager;
-import org.apache.jetspeed.security.PortletPermission;
+import org.apache.jetspeed.security.SecurityAccessController;
 import org.apache.pluto.om.common.Parameter;
 
 /**
@@ -60,6 +57,8 @@
     protected Log log = LogFactory.getLog(GetPortletsAction.class);
     private PortletRegistry registry = null;
     private SearchEngine searchEngine = null;
+    private SecurityAccessController securityAccessController;
+    
     public final static String PORTLET_ICON = "portlet-icon";
     
     public GetPortletsAction(String template, String errorTemplate)
@@ -72,12 +71,13 @@
                              PageManager pageManager,
                              PortletRegistry registry,
                              SearchEngine searchEngine,
-                             PermissionManager permissionManager,
+                             SecurityAccessController securityAccessController,
                              PortletActionSecurityBehavior securityBehavior)
     {
         super(template, errorTemplate, pageManager, securityBehavior);
         this.registry = registry;
         this.searchEngine = searchEngine;
+        this.securityAccessController = securityAccessController;
     }
 
     public boolean run(RequestContext requestContext, Map resultMap)
@@ -136,17 +136,15 @@
             if (portlet == null)
                 continue;
             
-            MutablePortletApplication muta = 
-                (MutablePortletApplication)portlet.getPortletApplicationDefinition();
-            String appName = muta.getName();
-            if (appName != null && appName.equals("jetspeed-layouts"))
-                continue;                
-            
+            // Do not display Jetspeed Layout Applications
+            MutablePortletApplication pa = (MutablePortletApplication)portlet.getPortletApplicationDefinition();
+            if (pa.isLayoutApplication())
+                continue;
+                 
             // SECURITY filtering
-            String uniqueName = appName + "::" + portlet.getName();
-            try
+            String uniqueName = pa.getName() + "::" + portlet.getName();
+            if (securityAccessController.checkPortletAccess(portlet, JetspeedActions.MASK_VIEW))
             {
-                AccessController.checkPermission(new PortletPermission(portlet.getUniqueName(), JetspeedActions.MASK_VIEW));
                 Parameter param = portlet.getInitParameterSet().get(PORTLET_ICON);
                 String image;
                 if (param != null)
@@ -161,10 +159,6 @@
                     image = "images/portlets/applications-internet.png";
                 }                
                 list.add(new PortletInfo(uniqueName, portlet.getDisplayNameText(locale), portlet.getDescriptionText(locale), image));
-            }
-            catch (AccessControlException ace)
-            {
-                //continue
             }
         }            
         Collections.sort(list, this);

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContext.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContext.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContext.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContext.java Tue Feb  6 00:03:44 2007
@@ -40,7 +40,13 @@
 import org.apache.jetspeed.om.common.MutableLanguage;
 import org.apache.jetspeed.om.impl.LanguageImpl;
 import org.apache.jetspeed.om.page.ContentPage;
+import org.apache.jetspeed.om.page.ContentPageImpl;
 import org.apache.jetspeed.pipeline.Pipeline;
+import org.apache.jetspeed.portalsite.PortalSiteRequestContext;
+import org.apache.jetspeed.portalsite.PortalSiteSessionContext;
+import org.apache.jetspeed.profiler.ProfileLocator;
+import org.apache.jetspeed.profiler.Profiler;
+import org.apache.jetspeed.profiler.impl.ProfilerValveImpl;
 import org.apache.jetspeed.security.SecurityHelper;
 import org.apache.jetspeed.security.UserPrincipal;
 import org.apache.jetspeed.userinfo.UserInfoManager;
@@ -632,5 +638,35 @@
     {
         this.response = response;
     }
+    
+    public ContentPage locatePage(Profiler profiler, String nonProfiledPath)
+    {
+        try
+        {
+            String pathSave = this.getPath();           
+            this.setPath(nonProfiledPath);
+            ContentPage realPage = this.getPage();
+            this.setPage(null);                
+            Map locators = null;
+            ProfileLocator locator = profiler.getProfile(this, ProfileLocator.PAGE_LOCATOR);
+            if ( locator != null )
+            {
+                locators = new HashMap();
+                locators.put(ProfileLocator.PAGE_LOCATOR, locator);
+            }               
+            PortalSiteSessionContext sessionContext = (PortalSiteSessionContext)getSessionAttribute(ProfilerValveImpl.PORTAL_SITE_SESSION_CONTEXT_ATTR_KEY);
+            PortalSiteRequestContext requestContext = sessionContext.newRequestContext(locators, true, true);
+            ContentPage cpage = new ContentPageImpl(requestContext.getManagedPage());
+            System.out.println("page is " + cpage.getPath());
+            this.setPage(realPage);            
+            this.setPath(pathSave);
+            return cpage;
+        }
+        catch (Throwable t)
+        {
+            t.printStackTrace();
+        }
+        return null;
+    }    
 
 }

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContextComponent.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContextComponent.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContextComponent.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/request/JetspeedRequestContextComponent.java Tue Feb  6 00:03:44 2007
@@ -23,11 +23,10 @@
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-
 import org.apache.jetspeed.PortalReservedParameters;
-import org.apache.jetspeed.userinfo.UserInfoManager;
-import org.apache.jetspeed.aggregator.Worker;
 import org.apache.jetspeed.aggregator.CurrentWorkerContext;
+import org.apache.jetspeed.aggregator.Worker;
+import org.apache.jetspeed.userinfo.UserInfoManager;
 
 /**
  * JetspeedRequestContextComponent
@@ -68,7 +67,6 @@
                 contextClass = Class.forName(contextClassName);
             }
 
-            // TODO: we could use a pooled object implementation here
             Constructor constructor =
                 contextClass.getConstructor(
                     new Class[] {

Added: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityAccessControllerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityAccessControllerImpl.java?view=auto&rev=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityAccessControllerImpl.java (added)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityAccessControllerImpl.java Tue Feb  6 00:03:44 2007
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2000-2004 The Apache Software Foundation.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.security.impl;
+
+
+import java.security.AccessControlException;
+import java.security.AccessController;
+
+import org.apache.jetspeed.om.common.portlet.MutablePortletApplication;
+import org.apache.jetspeed.om.common.portlet.PortletDefinitionComposite;
+import org.apache.jetspeed.page.PageManager;
+import org.apache.jetspeed.security.PortletPermission;
+import org.apache.jetspeed.security.SecurityAccessController;
+
+/**
+ * SecurityAccessorImpl implements SecurityAccessor component abstracting
+ * access to either Security Permission or Security Constraint implementations
+ * 
+ * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
+ * @version $Id: $
+ */
+public class SecurityAccessControllerImpl implements SecurityAccessController
+{
+    protected PageManager pageManager;
+    protected int securityMode = SecurityAccessController.PERMISSIONS;
+    
+    public SecurityAccessControllerImpl(PageManager pageManager, int securityMode)
+    {
+        this.pageManager = pageManager;
+        this.securityMode = securityMode;
+    }
+    
+    public int getSecurityMode()
+    {
+        return securityMode;
+    }
+    
+    public boolean checkPortletAccess(PortletDefinitionComposite portlet, int mask)
+    {
+        if (securityMode == SecurityAccessController.CONSTRAINTS)
+        {
+            String constraintRef = portlet.getJetspeedSecurityConstraint();
+            if (constraintRef == null)
+            {
+                constraintRef = ((MutablePortletApplication)portlet.getPortletApplicationDefinition()).getJetspeedSecurityConstraint();                
+                if (constraintRef == null)
+                {
+                    return true; // allow access
+                }
+            }
+            // TODO: mask to list
+            return pageManager.checkConstraint(constraintRef, "view");                
+        }
+        else
+        {
+            try
+            {
+                AccessController.checkPermission(new PortletPermission(portlet.getUniqueName(), mask));
+            }
+            catch (AccessControlException ace)
+            {
+                return false;
+            }
+            return true;
+        }
+    
+    }
+}

Modified: portals/jetspeed-2/trunk/components/registry/src/java/org/apache/jetspeed/om/portlet/impl/PortletApplicationDefinitionImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/registry/src/java/org/apache/jetspeed/om/portlet/impl/PortletApplicationDefinitionImpl.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/components/registry/src/java/org/apache/jetspeed/om/portlet/impl/PortletApplicationDefinitionImpl.java (original)
+++ portals/jetspeed-2/trunk/components/registry/src/java/org/apache/jetspeed/om/portlet/impl/PortletApplicationDefinitionImpl.java Tue Feb  6 00:03:44 2007
@@ -607,4 +607,19 @@
         this.jetspeedSecurityConstraint = constraint;
     }
     
+    public boolean isLayoutApplication()
+    {
+        if (this.getMetadata() != null)
+        {
+            Collection c = this.getMetadata().getFields("layout-app");
+            if (c != null)
+            {
+                if (!c.isEmpty())
+                {
+                   return true;
+                }
+            }
+        }
+        return false;
+     }
 }

Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/CommonPortletServices.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/CommonPortletServices.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/CommonPortletServices.java (original)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/CommonPortletServices.java Tue Feb  6 00:03:44 2007
@@ -45,4 +45,5 @@
     public final static String CPS_PREFERENCES_PROVIDER = "cps:PreferencesProvider";
     public final static String CPS_DECORATION_FACTORY = "cps:DecorationFactory";
     public final static String CPS_PASSWORD_ENCODER_COMPONENT = "cps:PasswordEncodingService";
+    public final static String CPS_SECURITY_ACCESS_CONTROLLER = "cps:SecurityAccessController";
 }

Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/mockobjects/request/MockRequestContext.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/mockobjects/request/MockRequestContext.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/mockobjects/request/MockRequestContext.java (original)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/mockobjects/request/MockRequestContext.java Tue Feb  6 00:03:44 2007
@@ -32,6 +32,7 @@
 import org.apache.jetspeed.mockobjects.MockHttpServletRequest;
 import org.apache.jetspeed.om.page.ContentPage;
 import org.apache.jetspeed.pipeline.Pipeline;
+import org.apache.jetspeed.profiler.Profiler;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.pluto.om.common.Language;
 import org.apache.pluto.om.common.ObjectID;
@@ -549,5 +550,9 @@
     {
         this.response = response;
     }
-    
+
+    public ContentPage locatePage(Profiler profiler, String nonProfiledPath)
+    {
+        return null;
+    }
 }

Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/om/common/portlet/PortletApplication.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/om/common/portlet/PortletApplication.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/om/common/portlet/PortletApplication.java (original)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/om/common/portlet/PortletApplication.java Tue Feb  6 00:03:44 2007
@@ -133,4 +133,14 @@
      *                  the Jetspeed Security Constraints 
      */    
     String getJetspeedSecurityConstraint();    
+    
+    /**
+     * Returns true if the portlet application is a layout application
+     * Layouts are not "general" portlets, but instead used to group together
+     * other layouts and portlet fragments
+     * 
+     * @return true when this app is a Jetspeed layout application
+     */
+    boolean isLayoutApplication();
+    
 }

Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/request/RequestContext.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/request/RequestContext.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/request/RequestContext.java (original)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/request/RequestContext.java Tue Feb  6 00:03:44 2007
@@ -30,6 +30,7 @@
 import org.apache.jetspeed.container.url.PortalURL;
 import org.apache.jetspeed.om.page.ContentPage;
 import org.apache.jetspeed.pipeline.Pipeline;
+import org.apache.jetspeed.profiler.Profiler;
 import org.apache.pluto.om.common.Language;
 import org.apache.pluto.om.common.ObjectID;
 import org.apache.pluto.om.portlet.PortletDefinition;
@@ -429,5 +430,13 @@
      */
     Principal getUserPrincipal();
     
+    /**
+     * Locates a specific page using the profiler and site manager location algorithms
+     * from a generalized non-profiled path to the first page matching the path
+     * 
+     *  @param profiler The profiler component to use in the search
+     *  @return A Content Page located by the profiler, or null if not found
+     */
+    ContentPage locatePage(Profiler profiler, String nonProfiledPath);
 }
 

Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/PermissionManager.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/PermissionManager.java?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/PermissionManager.java (original)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/PermissionManager.java Tue Feb  6 00:03:44 2007
@@ -18,8 +18,6 @@
 import java.security.Permissions;
 import java.security.Principal;
 import java.util.Collection;
-import java.util.Iterator;
-
 import javax.security.auth.Subject;
 
 /**
@@ -133,7 +131,7 @@
      * <p>
      * Check permission for the given subject's access to the resource protected by the permission
      * This is an abstraction introduced in M4 for Permission Manager implementations NOT
-     * founded upon the a Java security policy.
+     * founded upon the a Java security policy.</p>
      * 
      * @param subject The Java subject.
      * @param permission The permission, usually a portlet, page or folder type permission.
@@ -141,7 +139,7 @@
      *         if the subject does not have access.
      */
     boolean checkPermission(Subject subject, Permission permission);
-    
+       
     /**
      * Retrieve a collection of all Permissions in the system ordered by Permission Type, resource
      * Note that we return a collection of <code>InternalPrincipal</code>

Added: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/SecurityAccessController.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/SecurityAccessController.java?view=auto&rev=504018
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/SecurityAccessController.java (added)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/security/SecurityAccessController.java Tue Feb  6 00:03:44 2007
@@ -0,0 +1,67 @@
+/* Copyright 2004 Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.security;
+
+import org.apache.jetspeed.om.common.portlet.PortletDefinitionComposite;
+
+/**
+ * <p>
+ * This component abstracts access to security checks.
+ * Jetspeed supports two kinds of secured access:
+ * <ul>
+ * <li>Permissions</li>
+ * <li>Constraints</li>
+ * </ul>
+ * Permissions are checked via Java Security. Jetspeed implements its own security policy.
+ * Constrainted are checked via the Page Manager's constraints.
+ * Either way, the implicit Jetspeed Security Subject is applied to the security access check.
+ * </p>
+ * 
+ * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
+ * @version $Id: $
+ */
+public interface SecurityAccessController
+{   
+    /**
+     * Use the Java Security Policy (Permissions) to make secure access checks
+     */
+    final int PERMISSIONS = 1;
+    /**
+     * Use the Jetspeed Security Constraints to make secure access checks
+     */
+    final int CONSTRAINTS = 2;
+    
+    /**
+     * <p>
+     * Checks access for the implicit active subject's access to the resource protected by the portlet permission
+     * This is an abstraction introduced in 2.1 for Permission Manager implementations NOT
+     * founded upon the a Java security policy. If the Permission Manager is configured to 
+     * run with Security Constraints, then a security constraint check is made. Otherwise, 
+     * a standard Java Security permission check is made.</p>
+     * 
+     * @param portlet The portlet to be checked
+     * @param mask A mask <code>JetspeedActions</code> such as view, edit
+     * @return true if access is granted, false if access denied based on policy or constraints
+     */
+    boolean checkPortletAccess(PortletDefinitionComposite portlet, int mask);
+    
+    /**
+     * Returns the configured security mode for this accessor
+     * This component can be configured to make Java Security Policy permission checks
+     * or Jetspeed Security Constraint checks
+     * @return either PERMISSIONS or CONSTRAINTS
+     */
+    int getSecurityMode();
+}
\ No newline at end of file

Modified: portals/jetspeed-2/trunk/layout-portlets/src/webapp/WEB-INF/jetspeed-portlet.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/layout-portlets/src/webapp/WEB-INF/jetspeed-portlet.xml?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/layout-portlets/src/webapp/WEB-INF/jetspeed-portlet.xml (original)
+++ portals/jetspeed-2/trunk/layout-portlets/src/webapp/WEB-INF/jetspeed-portlet.xml Tue Feb  6 00:03:44 2007
@@ -24,7 +24,7 @@
     <dc:title>Jetspeed Layout Portlets</dc:title>
     <dc:title xml:lang="en">Layout Portlets</dc:title>
     <dc:creator>J2 Team</dc:creator>
-    
+    <js:metadata name="layout-app">true</js:metadata>    
 
 	<js:services>
 	    <js:service name='IdGenerator'/>

Modified: portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml (original)
+++ portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml Tue Feb  6 00:03:44 2007
@@ -83,6 +83,21 @@
                 <prop key="register*">PROPAGATION_REQUIRED,-org.apache.jetspeed.administration.RegistrationException</prop>
             </props>
         </property>
+</bean>
+
+<bean id="org.apache.jetspeed.security.SecurityAccessController"
+      class='org.apache.jetspeed.security.impl.SecurityAccessControllerImpl'>
+    	<constructor-arg index='0'>
+    		<ref bean="org.apache.jetspeed.page.PageManager"/> 
+    	</constructor-arg>
+    	<!--
+    	   Security Mode:
+    	      1 = Permissions = use Jetspeed Java Security Policy
+    	      2 = Constraints = use Jetspeed (PageManager) Constraint-based Security  
+    	 -->
+    	 <constructor-arg index="1">
+            <value>2</value>
+        </constructor-arg>
 </bean>
     
 </beans>

Modified: portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/ajax-layout.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/ajax-layout.xml?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/ajax-layout.xml (original)
+++ portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/ajax-layout.xml Tue Feb  6 00:03:44 2007
@@ -212,7 +212,7 @@
         <ref bean="org.apache.jetspeed.search.SearchEngine"/>        
     </constructor-arg>              
     <constructor-arg index='5'>
-        <ref bean="org.apache.jetspeed.security.PermissionManager"/>        
+        <ref bean="org.apache.jetspeed.security.SecurityAccessController"/>        
     </constructor-arg>       
     <constructor-arg index='6'>
         <ref bean="PortletActionSecurityBehavior"/>        

Modified: portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml?view=diff&rev=504018&r1=504017&r2=504018
==============================================================================
--- portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml (original)
+++ portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml Tue Feb  6 00:03:44 2007
@@ -98,6 +98,9 @@
           <entry key="org.apache.jetspeed.container.session.PortalSessionsManager">
             <bean class="org.apache.jetspeed.container.session.PortalSessionsManagerImpl"/>
           </entry>
+          <entry key="SecurityAccessController">
+            <ref bean="org.apache.jetspeed.security.SecurityAccessController"/>
+          </entry>
           
 <!-- first uncomment the below service bean in security-spi-atn.xml
          <entry key="PasswordEncodingService">



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message